Professional Documents
Culture Documents
Mate ITILv3 PDF
Mate ITILv3 PDF
IT Service Management
HF421S B.01
Student guide
ITIL V3 Foundation for
IT Service Management
HF421S B.01
Student guide
Use of this material to deliver training without prior written permission from HP is prohibited.
Copyright 2007 Hewlett-Packard Development Company, L.P.
The information contained herein is subject to change without notice. The only warranties for HP
products and services are set forth in the express warranty statements accompanying such products and
services. Nothing herein should be construed as constituting an additional warranty. HP shall not be
liable for technical or editorial errors or omissions contained herein.
This is an HP copyrighted work that may not be reproduced without the written permission of HP. You
may not use these materials to deliver training to any person outside of your organization without the
written permission of HP.
All the content within this HP accredited training course is based on OGC ITIL ® materials, unless
otherwise stated.
HP are authorized by OGC to re-use the OGC-owned IPR (including Crown copyright material, logos
and trade marks) within the scope of HP's accredited training activities.
ITIL ® “ITIL ® is a Registered Trade Mark of the Office of Government
Commerce in the United Kingdom and other countries”
IT Infrastructure Library ® “IT Infrastructure Library ® is a Registered Trade Mark of the Office of
Government Commerce in the United Kingdom and other countries”
The Best Practice logo TM "The Best Practice logo TM is a Trade Mark of the Office of
Government Commerce"
The Swirl logo TM “The Swirl logo is a Trade Mark of the Office of Government
Commerce”
Export Compliance Agreement
Export Requirements. You may not export or re-export products subject to this agreement in violation of
any applicable laws or regulations.
Without limiting the generality of the foregoing, products subject to this agreement may not be
exported, re-exported, otherwise transferred to or within (or to a national or resident of) countries under
U.S. economic embargo and/or sanction including the following countries:
Cuba, Iran, North Korea, Sudan and Syria.
This list is subject to change.
In addition, products subject to this agreement may not be exported, re-exported, or otherwise
transferred to persons or entities listed on the U.S. Department of Commerce Denied Persons List; U.S.
Department of Commerce Entity List (15 CFR 744, Supplement 4); U.S. Treasury Department
Designated/Blocked Nationals exclusion list; or U.S. State Department Debarred Parties List; or to
parties directly or indirectly involved in the development or production of nuclear, chemical, or
biological weapons, missiles, rocket systems, or unmanned air vehicles as specified in the U.S. Export
Administration Regulations (15 CFR 744); or to parties directly or indirectly involved in the financing,
commission or support of terrorist activities.
By accepting this agreement you confirm that you are not located in (or a national or resident of) any
country under U.S. embargo or sanction; not identified on any U.S. Department of Commerce Denied
Persons List, Entity List, US State Department Debarred Parties List or Treasury Department Designated
Nationals exclusion list; not directly or indirectly involved in the development or production of nuclear,
chemical, biological weapons, missiles, rocket systems, or unmanned air vehicles as specified in the
U.S. Export Administration Regulations (15 CFR 744), and not directly or indirectly involved in the
financing, commission or support of terrorist activities.
Printed in the US
ITIL V3 Foundation for IT Service Management
Student guide
August 2007
Contents
Course Introductions
Course introductions ........................................................................................ 1
Health and safety ............................................................................................ 2
Logistics and refreshments................................................................................. 3
Course format ................................................................................................. 4
Agenda.......................................................................................................... 5
Timing............................................................................................................ 6
Exam format and details................................................................................... 7
Personal introductions....................................................................................... 8
Technical Management............................................................................ 67
Technical Management organization ......................................................... 68
Technical Management — Objectives........................................................ 70
Technical Management — Roles ............................................................... 71
IT Operations Management...................................................................... 73
IT Operations Management — Objectives.................................................. 75
IT Operations Management — Roles ......................................................... 76
Application Management......................................................................... 78
Application Management — Objectives..................................................... 79
Application Management — Roles ............................................................ 80
Continual Service Improvement (CSI) ................................................................ 82
CSI and Organizational Change............................................................... 83
Continual Service Improvement Model ....................................................... 85
What is Service Measurement?................................................................. 87
Why do we measure? ............................................................................. 88
Types of metrics ...................................................................................... 89
The 7 Step Improvement Process Purpose ....................................................91
The 7 Step Improvement Process ............................................................... 92
Role of the Continual Service Improvement Manager ................................. 103
Role of the Service Manager .................................................................. 105
Service Transition......................................................................................... 108
Service Transition V Model ..................................................................... 109
Configuration Item (CI)............................................................................ 110
Configuration Management System (CMS) .................................................111
Knowledge Management (KM) ................................................................ 112
Data, Information, Knowledge and Wisdom (DIKW) .................................. 113
Service Knowledge Management System (SKMS) ....................................... 115
Definitive Media Library (DML)................................................................. 116
DML and CMDB relationship ................................................................... 118
Service Transition processes..................................................................... 119
Change Management.............................................................................120
Change — Objectives and purpose ......................................................... 121
Change — Scope ..................................................................................122
Change — Value to the business..............................................................124
Change — Basic concepts (1 of 2) ...........................................................126
Change — Basic concepts (2 of 2)...........................................................129
Change — Activities...............................................................................130
7 Rs of Change Management..................................................................135
Change — Roles (1 of 2) ........................................................................136
Change — Roles (2 of 2) ........................................................................138
Change — Interfaces..............................................................................140
Change — Inputs................................................................................... 141
Change — Outputs ................................................................................142
Change — Process interfaces ..................................................................143
Change — Key metrics ...........................................................................145
Change — Challenges ...........................................................................147
iv © 2007 Hewlett-Packard Development Company, L.P. HF421S B.01
Contents
Module 7 — Documentation
Glossary
Course introductions
• Health and safety
• Logistics and refreshments
• Course format, agenda and
timings
• Exam format and details
• Personal introductions
• Expectations?
Course format
Course format
• Instructor-led teaching
modules
• Assignments
• Mock examination questions
• Mock examination and
review
• Short video sessions
Agenda
Agenda
Day 1 Day 3
• Course Introduction • Concepts, Roles and Functions
• Service Management as a (Cont)
Practice – Service Strategy
• Service Lifecycle • Technology and Architecture
• Key Principles, Models and • ITIL® Qualification Scheme
Concepts • Revision and Mock Examination
• Concepts, Roles and Functions
– Service Operation
Day 2
• Concepts, Roles and Functions
(Cont)
– Continual Service Improvement
– Service Transition
– Service Design
Timing
Timing
• Start times
• End times
• Breaks
• Examination
• Time-keeping
Personal introductions
Personal introductions
• Name
• Organization
• Job Title/Responsibilities
• ITSM experience?
• Expectations?
What is a service?
What is a ‘service’?
A ‘service’ is a means of
delivering value to customers by
facilitating outcomes customers
want to achieve without the
ownership of specific costs and
risks
Take for example the generalized pattern of a storage system. Storage is useful for
holding, organizing, or securing assets within the context of some activity, task, or
performance. Storage also creates useful conditions such as ease of access, efficient
organization, or security from threats. This simple pattern is inherent in many types of
storage services; each specialized to support a particular type of outcome for
customers.
Store
information
Store
files
Store
Store what? equipment
Storage
service
Portable
devices
Secure
cabinets
For various reasons, customers seek outcomes but do not wish to have accountability
or ownership of all the associated costs and risks. For example, a business unit
needs a terabyte of secure storage to support its online shopping system. From a
strategic perspective, it wants the staff, equipment, facilities, and infrastructure for a
terabyte of storage, to remain within its span of control. It does not want, however, to
be accountable for all the associated costs and risks, real or nominal, actual or
perceived. Fortunately, there is a group within the business with specialized
knowledge and experience in large-scale storage systems, and the confidence to
control the associated costs and risks. The business unit agrees to pay for the storage
service provided by the group under specific terms and conditions.
The business unit remains responsible for the fulfillment of online purchase orders. It
is not responsible for the operation and maintenance of fault-tolerant configurations
of storage devices, dedicated and redundant power supplies, qualified personnel, or
the security of the building perimeter, administrative expenses, insurance, compliance
with safety regulations, contingency measures, or the optimization problem of idle
capacity for unexpected surges in demand. The design complexity, operational
uncertainties, and technical trade-offs associated with maintaining reliable high-
performance storage systems lead to costs and risks the business unit is simply not
willing to own. The service provider assumes ownership and allocates those costs
and risks to every unit of storage utilized by the business and any other customers of
the storage service.
and …
• Role
– A set of responsibilities,
activities and authorities
granted to a person or
team
Functions are units of organizations specialized to perform certain types of work and
responsible for specific outcomes. They are self-contained with capabilities and
resources necessary for their performance and outcomes. Capabilities include work
methods internal to the functions. Functions have their own body of knowledge,
which accumulates from experience. They provide structure and stability to
organizations.
Functions are a way of structuring organizations to implement the specialization
principle. Functions typically define roles and the associated authority and
responsibility for a specific performance and outcomes. Coordination between
functions through shared processes is a common pattern in organization design.
Functions tend to optimize their work methods locally to focus on assigned outcomes.
Poor coordination between functions combined with an inward focus leads to
functional silos that hinder alignment and feedback critical to the success of the
organization as a whole. Process models help avoid this problem with functional
hierarchies by improving cross-functional coordination and control. Well-defined
processes can improve productivity within and across functions.
Functions are often mistaken for processes. For example, there are misconceptions
about Capacity Management being a service management process. First, capacity
management is an organizational capability with specialized processes and work
methods. Whether or not it is a function or a process depends entirely on
organization design. It is a mistake to assume that capacity management can only
be a process. It is possible to measure and control capacity and to determine
whether it is adequate for a given purpose. Assuming that is always a process with
discrete countable outcomes can be an error.
A role refers to a set of connected behaviors or actions that are performed by a
person, team or group in a specific context. For example a technical management
department can perform the role of Problem Management when diagnosing the root
cause of Incidents. This same department could also be expected to play several
other roles at different times, for example, they may assess the impact of changes
(Change Management role), manage the performance of devices under their control
(Capacity Management role), etc. The scope of their role and what triggers them to
play that role are defined by the relevant process, and agreed by their line manager.
A Process Model
A Process Model
Process Control
Triggers
Process
Including
Process reports
& reviews
Process Enablers
Each process should be owned by a process owner who should be responsible for
the process and its improvement and for ensuring that a process meets its objectives.
The objectives of any IT process should be defined in measurable terms and should
be expressed in terms of business benefits and underpin business strategy and goals.
Service Design should assist each process owner with the design of processes, in
order to ensure that all processes use standard terms and templates, are consistent
and integrate with each other to provide end-to-end integration across all areas.
The output produced by a process has to conform to operational norms that are
derived from business objectives. If products conform to the set norm, the process can
be considered effective (because it can be repeated, measured and managed). If the
activities are carried out with a minimum use of resources, the process can also be
considered efficient. Process analysis, results and metrics should be incorporated in
regular management reports and process improvements.
All of these areas should be included within the design of any process. The ITIL books
have been written around “sets of processes” that reflect the stages in the lifecycle of
a service. Working with defined processes has been the foundation of ITIL from its
beginning. By defining what the organization’s activities are, which inputs are
necessary and which outputs will result from the process, it is possible to work in a
more efficient and effective manner. Measuring and steering the activities increases
this effectiveness. Finally, by adding norms to the process, it is possible to add
quality measures to the output.
This approach underpins the ‘plan-do-check-act’ cycle of continual improvement for
any quality-management system. Plan the purpose of the process in such a way that
process actions can be reviewed, assessed or audited for successful achievement
and, improved.
Norms define certain conditions that the results should meet. Defining norms
introduces quality aspects to the process. Even before starting, it is important to think
about what the process outcomes should look like. To discover whether or not
process activities are contributing optimally to the business goal and the objectives of
the process - aligned to business goals, the effectiveness should be measured on a
regular basis. Measuring allows comparison of what has actually been done, with
what the organization set out to do and to identify and implement improvements
within the process.
Each organization should adopt a formalized approach to the design and
implementation of Service Management processes. The objective should not be to
design “perfect processes”, but to design practical and appropriate processes with
“in-built” improvement mechanisms, so that the effectiveness and efficiency of the
processes are improved in the most suitable manner for the organization.
Documentation standards, processes and templates should be used to ensure that the
processes are easily adopted throughout the organization.
The goal for now and in the future is to design processes and support these with
tools that can provide integration between organizations. This has now become
possible because management tools are providing support of open standards, such
as the Distributed Management Task Force (DMTF), that support the exchange of
information based on ITIL concepts, such as Incidents, Problems and Changes with
standard formats and contents. This allows service providers to support efficient and
effective process interfaces with their main suppliers with automated exchange of key
operational information in real time.
Characteristics of processes
Characteristics of processes
Data, information
& knowledge
Process Desired
outcome
Trigger
Processes are examples of closed-loop systems because they provide change and
transformation towards a goal, and utilize feedback for self-reinforcing and self-
corrective action. It is important to consider the entire process or how one process fits
into another.
Service Lifecycle
Continual Service
Improvement
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Service
Transition
The context of the publications depicted in this diagram is the ITIL Framework as a
source of good practice in service management. ITIL is used by organizations world-
wide to establish and improve capabilities in service management. ISO/IEC 20000
provides a formal and universal standard for organizations seeking to have their
service management capabilities audited and certified. While ISO/IEC 20000 is a
standard to be achieved and maintained, ITIL offers a body of knowledge useful for
achieving the standard.
The ITIL Library has the following components:
The ITIL Core: Best practice guidance applicable to all types of organizations
who provide services to a business
The ITIL Complementary Guidance: A complementary set of publications with
guidance specific to industry sectors, organization types, operating models, and
technology architectures
The ITIL Web: As well as the paper publications and the qualifications, it will be
provided a unified package of web-based support offerings for ITIL users.
Examples of web material include value added products, process maps,
templates and case studies.
The ITIL Core consists of five publications. Each provides the guidance necessary for
an integrated approach as required by the ISO/IEC 20000 standard specification:
Service Strategy
Service Design
Service Transition
Service Operation
Continual Service Improvement
Each publication addresses capabilities having direct impact on a service provider’s
performance. The structure of the core is in the form of a lifecycle. It is iterative and
multidimensional. It ensures organizations are set up to leverage capabilities in one
area for learning and improvements in others. The core is expected to provide
structure, stability, and strength to service management capabilities with durable
principles, methods, and tools. This serves to protect investments and provide the
necessary basis for measurement, learning, and improvement.
The guidance in ITIL can be adapted for use in various business environments and
organizational strategies. The Complementary Guidance provides flexibility to
implement the Core in a diverse range of environments. Practitioners can select
Complementary Guidance as needed to provide traction for the Core in a given
business context, much like tyres are selected based on the type of automobile,
purpose, and road conditions. This is to increase the durability and portability of
knowledge assets and to protect investments in service management capabilities.
The Service Strategy volume provides guidance on how to design, develop, and
implement service management not only as an organizational capability but as a
strategic asset. Guidance is provided on the principles underpinning the practice of
service management which are useful for developing service management policies,
guidelines, and processes across the ITIL Service Lifecycle. Service Strategy guidance
is useful in the context of Service Design, Service Transition, Service Operation, and
Continual Service Improvement. Topics covered in Service Strategy include the
development of markets, internal and external, service assets, service catalog, and
implementation of strategy through the Service Lifecycle. Financial Management,
Service Portfolio Management, Organizational Development, and Strategic Risks are
among other major topics.
Organizations use the guidance to set objectives and expectations of performance
towards serving customers and market spaces, and to identify, select, and prioritize
opportunities. Service Strategy is about ensuring that organizations are in position to
handle the costs and risks associated with their service portfolios, and are set up not
just for operational effectiveness but for distinctive performance. Decisions made with
respect to Service Strategy have far-reaching consequences including those with
delayed effect.
Organizations already practicing ITIL use this volume to guide a strategic review of
their ITIL based service management capabilities and to improve the alignment
between those capabilities and their business strategies. This volume of ITIL
encourages readers to stop and think about why something is to be done before
thinking of how. Answers to the first type of questions are closer to the customer’s
business. Service Strategy expands the scope of the ITIL framework beyond the
traditional audience of IT service management professionals.
The Service Design volume provides guidance for the design and development of
services and service management processes. It covers design principles and methods
for converting strategic objectives into portfolios of services and service assets. The
scope of Service Design is not limited to new services. It includes the changes and
improvements necessary to increase or maintain value to customers over the lifecycle
of services, the continuity of services, achievement of service levels, and conformance
to standards and regulations. It guides organizations on how to develop design
capabilities for service management.
The Service Transition volume provides guidance for the development and
improvement of capabilities for transitioning new and changed services into
operations. This publication provides guidance on how the requirements of Service
Strategy encoded in service design are effectively realized in service operations
while controlling the risks of failure and disruption. The publication combines
practices in release management, program management, and risk management and
places them in the practical context of service management. It provides guidance on
managing the complexity related to changes to services and service management
processes; preventing undesired consequences while allowing for innovation.
Guidance is provided on transferring the control of services between customers and
service providers.
The Service Operation volume embodies practices in the management of service
operations. It includes guidance on achieving effectiveness and efficiency in the
delivery and support of services so as to ensure value for the customer and the
service provider. Strategic objectives are ultimately realized through service
operations, therefore making it a critical capability. Guidance is provided on how to
maintain stability in service operations, allowing for changes in design, scale, scope,
and service levels. Organizations are provided with detailed process guidelines,
methods, and tools for use in two major control perspectives: reactive and proactive.
Managers and practitioners are provided with knowledge allowing them to make
better decisions in areas such as managing the availability of services, controlling
demand, optimizing capacity utilization, scheduling of operations, and fixing
problems. Guidance is provided on supporting operations through new models and
architectures such as shared services, utility computing, Web Services, and mobile
commerce.
Service Strategy
Service
Service
Strategy
ITIL
Service
Strategy
ITIL
Service Strategy
• Shows organizations how to transform Service Management
into a strategic asset and to then think and act in a strategic
manner
• Helps clarify the relationships between various services,
systems or processes and the business models, strategies or
objectives they support
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Service
Service
Design
Design
Service
Service
Strategy
ITIL
The main purpose of the Service Design stage of the lifecycle is the design of new or
changed service for introduction into the live environment. It is important that a
holistic approach to all aspects of design is adopted and that when changing or
amending any of the individual elements of design all other aspects are considered.
Thus when designing and developing a new application, this shouldn’t be done in
isolation, but should also consider the impact on the overall service, the Service
Portfolio and Catalog, the technology, the Service Management processes and the
necessary measurements and metrics. This will ensure that not only the functional
elements are addressed by the design, but also that all of the management and
operational requirements are also addressed as a fundamental part of the design
and are not added as an afterthought.
The main goals and objectives of Service Design are to:
Design services to satisfy business objectives, based on the quality, compliance,
risk and security requirements delivering more effective and efficient IT and
business solutions and services aligned to business needs by coordinating all
design activities for IT services to ensure consistency and business focus.
Design services that can be easily and efficiently developed and enhanced
within appropriate time-scales and costs and wherever possible reduce,
minimize or constrain the long-term costs of service provision.
Design efficient and effective processes for the design, transition, operation and
improvement of high quality IT services, together with the supporting tools,
systems and information, especially the Service Portfolio to manage services
through their lifecycle.
Identify and manage risks in order that they can be removed or mitigated prior
to services becoming live.
Design secure and resilient IT infrastructures, environments, applications and
data/information resources and capability that meet the current and future
needs of the business and customers.
Design measurement methods and metrics for assessing the effectiveness and
efficiency of the design processes and their deliverables.
Produce and maintain IT plans, processes, policies, architectures, frameworks
and documents for the design of quality IT solutions, to meet current and future
agreed business needs.
Assist in the development of policies and standards in all areas of design and
planning of IT services and processes, receiving and acting upon feedback on
design processes from all other areas incorporating the actions into a continual
process of improvement.
Develop the skills and capability within IT by moving strategy and design
activities into operational tasks, making effective and efficient use of all IT service
resources.
Contribute to the improvement of the overall quality of IT service within the
imposed design constraints, especially by reducing the need for reworking and
enhancing services once they have been implemented in the live environment.
Scope of SD
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Scope of SD
• Design of:
– New and changed services
– Service Portfolio and Service Catalog
– Technology architecture and management systems
– Processes required
– Measurement methods and metrics
The Service Design stage of the lifecycle starts with a set of new or changed business
requirements and ends with the development of a service solution designed to meet
the documented needs of the business. This developed solution, together with its
Service Design Package (SDP), is then passed to Service Transition to evaluate, build,
test and deploy the new or changed service and on completion of these transition
activities; control is transferred to the Service Operation stage of the service lifecycle.
New and changed services: The main aim of Service Design is the design of
new or changed services. The requirements for these new services are extracted
from the Service Portfolio and each requirement is analyzed, documented and
agreed and a solution design is produced which is then compared with the
strategies and constraints from Service Strategy to ensure that it conforms to
corporate and IT policies. Each individual service design is also considered in
conjunction with each of the other aspects of Service Design.
The Service Portfolio: To ensure that this new or changed service is consistent
with all other services, and that all other services that interface, support or
depend upon the new or changed services are consistent with the new service. If
not, either the design of the new service or the other existing services will need
to be adapted.
The technology architectures and management systems: To ensure that the all
technology architectures and management systems are consistent with the new
or changed service and have the capability to operate and maintain the new
service. If not, then either the architectures or management systems will need to
be amended or the design of the new service will need to be revised.
The processes: To ensure that the processes, roles, responsibilities and skills have
the capability to operate, support and maintain the new or changed service. If
not the design of the new service will need to be revised or the existing process
capabilities will need to be enhanced. This includes all IT and Service
Management processes not just the key Service Design processes.
The measurement methods and metrics: To ensure that the existing measurement
methods can provide the required metrics on the new or changed service. If not
then the measurement methods will need to be enhanced or the service metrics
will need to be revised.
If all of the above activities are completed during the Service Design stage, this will
ensure that there will be minimal issues that arise during the subsequent stages of the
service lifecycle. Therefore Service Design must consolidate the key design issues and
activities of all IT and Service Management processes within its own design activities
to ensure that all aspects are considered and included within all designs for new or
changed services as part of everyday process operation.
Value to business of SD
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Value to business of SD
• Reduced total cost of ownership (TCO)
• Improved quality of service
• Improved consistency of service
• Easier implementation of new/changed services
• Improved service alignment
• More effective service improvement
• Improved IT governance
• More effective ITSM
• Improved information and decision making
With good Service Design it will be possible to deliver quality, cost effective services
and to ensure that the business requirements are being met. The following benefits
are as a result of good Service Design practice:
Reduced Total Cost of Ownership (TCO): cost of ownership can only be
minimized if all aspects of services, processes and technology are designed
properly and implemented against the design
Improved quality of service: both service and operational quality will be
enhanced
Improved consistency of service: as services are designed within the corporate
strategy, architectures and constraints
Easier implementation of new or changed services: as there is integrated and full
Service Design and the production of comprehensives Service Design Packages
Improved service alignment: involvement from the conception of the service
ensuring that new or changed services match business needs, with services
designed to meet Service Level Requirements
More effective service performance: with incorporation and recognition of
Capacity, Financial Availability and IT Service Continuity plans
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Service
Transition
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Increase the customer, user and service management staff satisfaction with the
service transition practices including deployment of the new or changed service,
communications, release documentation, training, knowledge transfer
Increase proper use of the services and underlying applications and technology
solutions
Provide clear and comprehensive plans that enable the customer and business
change projects to align their activities with the service transition plans
The purpose of Service Transition is to:
Plan and manage the capacity and resources required to package, build, test,
and deploy a release into production and establish the service specified in the
customer and stakeholder requirements
Provide a consistent and rigorous framework for evaluating the service capability
and risk profile before a new or changed service is released or deployed
Establish and maintain the integrity of all identified service assets and
configurations as they evolve through the service transition stage
Provide good quality knowledge and information so that Change, Release and
Deployment Management can expedite effective decisions about promoting a
release through the test environments and into production
Provide efficient, repeatable build and installation mechanisms that can be used
to deploy releases to the test and production environments and to re-build
releases if required to restore service
Ensure that the service can be managed, operated and supported in
accordance with the requirements and constraints specified within the service
design
Scope of ST (1 of 2)
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Scope of ST (1 of 2)
Service
Transition
The scope of the service transition life cycle stage is shown in the next slide.
Scope of ST (2 of 2)
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Scope of ST (2 of 2)
Service
Transition
BL BL BL BL BL BL BL
E1 E2 E3
Service Transition activities are shown in the white boxes. The dark boxes represent
activities in the other ITIL core books. There may be situations when some activities
are not applicable for a particular transition. For example the transfer of a set of
services from one organization to another may not involve release planning, build,
test and acceptance.
The following lifecycle processes in this book support all life cycle stages:
Change Management
Service Asset and Configuration Management
Knowledge Management
Service Transition uses all the processes described in the other ITIL books as it is
responsible for testing these processes, either as part of a new or changed service or
as part of testing changes to the service management processes. Service Level
Management is important to ensure that customer expectations are managed during
service transition. Incident and Problem Management are important for handling
incidents and problems during testing, pilot and deployment activities.
The following activities are excluded from the scope of Service Transition best
practices:
Minor modifications to the production services and environment, for example,
replacement of a failed PC or printer, installation of standard software on a PC
or server, new user
On-going continual service improvements that do not significantly impact the
services or service provider’s capability to deliver the services, for example,
request fulfillment activities driven from service operations
Value to business of ST
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Value to business of ST
Service
Transition
The productivity of business and Customer staff because of better planning and
use of new and changed services
The timeliness of cancellation or changes to maintenance contracts for both
hardware and software when components are disposed or de-commissioned
The understanding of the level of risk during and after change, for example,
service outage, disruption, re-work
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Service
Transition
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
The purpose of Service Operation is to coordinate and carry out the activities and
processes required to deliver and manage services at agreed levels to business users
and customers. Service Operation is also responsible for the ongoing management
of the technology that is used to deliver and support services.
Well designed and implemented processes will be of little value if the day-to-day
operation of those processes is not properly conducted, controlled and managed.
Nor will service improvements be possible if day-to-day activities to monitor
performance assess metrics and gather data are not systematically conducted during
Service Operation.
Scope of SO
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Scope of SO
Service
Transition
Service Operation includes the execution of all ongoing activities required to deliver
and support services. The scope of Service Operation includes:
The services themselves. Any activity that forms part of a service is included in
Service Operation, whether it is performed by the Service Provider, an external
supplier or the user or customer of that service.
Service Management processes. The ongoing management and execution of
many Service Management processes are performed in Service Operation, even
though a number of ITIL processes (such as Change and Capacity Management)
originate at the Service Design or Service Transition stage of the service
lifecycle, they are in use continually in Service Operation. Some processes are
not included specifically in Service Operation, such as Strategy Definition, the
actual Design process itself. These processes focus more on longer-term planning
and improvement activities which are outside of the direct scope of Service
Operation, however Service Operation provides input and influences these
regularly as part of lifecycle of service management.
Technology. All services require some form of technology to deliver them.
Managing this technology is not a separate issue, but an integral part of the
management of the services themselves. Therefore a large part of the Service
Operation book is concerned with the management of the infrastructure used to
deliver services.
Value to business of SO
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Value to business of SO
Service
Transition
But
Each stage in the ITIL Service Lifecycle provides value to business. For example,
service value is modelled in Service Strategy, the cost of the service is designed,
predicted and validated in Service Design and Service Transition, and measures for
optimization identified in Continual Service Improvement. The operation of service is
where these plans, designs and optimizations are executed and measured. From a
customer viewpoint, Service Operation is where actual value is seen.
Achieving balance
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Service
(Conflicting Motives)
Transition
• IT Services v Technology
• Stability v Responsiveness
• Quality of service v Cost of service
• Reactive v Proactive
Service Operation is more than just the repetitive execution of a standard set of
procedures or activities. All functions, processes and activities are designed to deliver
a specified and agreed level of services, but they have to be delivered in an ever-
changing environment. This forms a conflict between maintaining the status quo and
adapting to changes in the business and technological environments. One of Service
Operation’s key roles is therefore to deal with this conflict and to achieve a balance
between conflicting sets of priorities. Service Operation highlights some of the key
tensions and conflicts, and identifies how IT organizations can recognize that they
are suffering from an imbalance by tending more toward one extreme or the other. It
also provides some high-level guidelines on how to resolve the conflict, and thus
move towards a best practice approach. Every conflict therefore represents an
opportunity for growth and improvement.
The internal view of IT is the way in which IT components and systems are managed
to deliver the services. Since IT systems are complex and diverse, this often means
that the technology is managed by several different teams or departments – each of
which is focused on achieving good performance and availability of “their” systems.
Both views are necessary when delivering services. The organization that focuses
only on business requirements without thinking about how they are going to deliver
will end up making promises that can not be kept. The organization that focuses only
on internal systems without thinking about what services they support will end up with
expensive services that deliver little value.
The potential for role conflict between the external and internal views is the result of
many variables, including the maturity of the organization, its management culture,
its history, etc. This makes a balance difficult to achieve and most organizations tend
more towards one role than the other. Of course, no organization will be totally
internally or externally focused, but will find themselves in a position along a
spectrum between the two.
For example, an IT department that focuses too much on the internal aspects will tend
to have very good technical management with high performing technology, while
users are very dissatisfied with the level of service. On the other hand, an IT
department that focuses too much on the external aspects will tend to make promises
that its current technology can not support.
Service
Cost of service
Range of optimal
balance between
Cost and Quality
Quality of Service
(Performance, Availability, Recovery)
© Crown Copyright 2007. Reproduced under licence from OGC.
In the figure above an increase in the level of quality usually results in an increase in
the cost of that service, and visa versa. However, the relationship is not always
directly proportional:
Early in the service’s lifecycle it is possible to achieve significant increases in
service quality with a relatively small amount of money. For example improving
service availability from 55% to 75% is fairly straightforward and may not
require a huge investment
Later in the service’s lifecycle even small improvements in quality are very
expensive. For example, improving the same service’s availability form 96% to
99.9% may require large investments in high-availability technology and support
staff and tools
While this may seem straightforward, many organizations are under severe pressure
to increase the quality of service while reducing their costs. In the figure above the
relationship between cost and quality is sometimes inverse. It is possible (usually
inside the range of optimization) to increase quality while reducing costs. This is
normally initiated within Service Operation and carried forward by Continual Service
Improvement. Some costs can be reduced incrementally over time, but most cost-
savings can only be made once. For example, once a duplicate software tool has
been eliminated, it can not be eliminated again for further cost savings.
Achieving an optimal balance between Cost and Quality (shown between the dotted
lines in the figure above) is a key role of Service Management. There is no industry
standard for what this range should be since each service will have a different range
of optimization, depending on the nature of the service and the type of business
objective being met. For example the business may be prepared to spend more to
achieve high availability on a mission critical service, while they are prepared to live
with the lower quality of an administrative tool.
For example, an organization that focuses purely on the cost of IT may reject some
investments aimed at improving the level of service. In many cases this has an affect
on the ability of users to do their jobs properly and the company could lose money.
On the other hand, an extreme focus on quality could mean that money is spent on
enhancing and improving services that are not really contributing a large amount of
value to the organization.
For example, an IT department that will only take action when the business complains
about something will always be seen as an obstacle to progress. On the other hand,
if the IT department keeps investing in new technology to fix things that are not
broken, they will be seen as a drain on the company’s finances.
Service
Service
Strategy
Service
Operation ITIL
Good communication is important across all phases of the service lifecycle but
particularly so in Service Operation.
Good communication is needed with other IT teams and departments; with users and
internal customers and between the Service Operation teams and departments
themselves. Issues can often be prevented or mitigated with appropriate
communication.
An important principle is that all communication must have an intended purpose or a
resultant action. Information should not be communicated unless there is a clear
audience. In addition, that audience should have been actively involved in
determining the need for that communication and what they will do with the
information.
Types of communication include:
Routine Operational Communication
Communication between shifts
Communication in projects
Communication related to changes
Communication related to exceptions
Continual Service
Improvement
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Service
Transition
Continual Service
Improvement
Service
Service
Design
Design
Service
Service
Strategy
Service
ITIL
Service
Transition
Scope of CSI
Continual Service
Improvement
Service
Service
Design
Design
Service
Service
Strategy
Service
ITIL
Scope of CSI
Operation
Service
Transition
Service
Service
Design
Design
Service
Service
Strategy
Service
ITIL
Service
Transition
There are four commonly used terms when discussing service improvement outcomes:
Improvements
Benefits
ROI (Return on Investment)
VOI (Value on Investment)
Much of the angst and confusion surrounding IT process improvement initiatives can
be traced to the misuse of these terms. Below is the proper use:
Improvements: Outcomes that when compared to the “before” state, show a
measurable increase in a desirable metric or decrease in an undesirable metric
• Example: ABC Corp achieved a 15% reduction in failed changes through
implementation of a formal Change Management process
Benefits: The gains achieved through realization of improvements, usually but not
always expressed in monetary terms
• Example: ABC Corp’s 15% reduction in failed changes has saved the
company $395,000 in productivity and re-works costs in the first year
ROI: The difference between the benefit (saving) achieved and the amount
expended to achieve that benefit, expressed as a percentage. Logically, one
would like to spend a little to save a lot
• Example: ABC Corp spent $200,000 to establish the formal Change
Management process that saved $395,000. The ROI at the end of the first
year of operation was therefore $195,000 or 97.5%
VOI: The extra value created by establishment of benefits that include non-
monetary or long term outcomes. ROI is a subcomponent of VOI
• Example: ABC Corp’s establishment of a formal Change Management
process (which reduced the number of failed changes) improved the ability
of ABC Corp to respond quickly to changing market conditions and
unexpected opportunities resulting in an enhanced market position. In
addition, it promoted collaboration between business units and the IT
organization and freed up resources to work on other projects that
otherwise may not have been completed
Continual Service
CMMI Improvement
TOGAF Service
Service ISO/IEC
Design
Design 20000
eTOM
Service
Service
Strategy
SOX
Six Sigma
Service
ITIL ISO/IEC
Operation
PMBOK 27001
COBIT
M_o_R
PRINCE 2: The project management system developed by OGC for use within
the UK Government
COBIT: Control Objectives for Information & Related Technology; guidance on
ITSM Security and Auditing from ISAACA
M-o-R: Management of Risk
ISO/IEC 20000: International standard for IT Service Management for which
organizations can seek independent accreditation
SOX: Sarbane-Oxley; US Legislation seeking to introduce better management
controls and financial practices, including corporate disclosure, into
organizations listed on the US Stock Market
ISO/IEC 27001: International standard for IS Security
ISO/IEC 19770: International standard for Software Asset management
Service Provider
Service Provider
• An organization supplying
services to one or more
internal customers or
external customers
RACI Model
RACI Model
• A RACI model can be used to help define roles and
responsibilities
• It identifies the activities that must be performed alongside the
various individuals and roles involved
• RACI is an acronym for the four main roles of:
– Responsible — The person or people responsible for getting the
job done
– Accountable — Only one person can be accountable for each
task
– Consulted — The people who are consulted and whose opinions
are sought
– Informed — The people who are kept up-to-date on progress
Activity 2 A R C C C
Activity 3 I A R I C
Activity 4 I A R I
Activity 5 I I A C R
Process Owner
Process Owner
Responsible for:
• Assisting with Process
Design
• Documenting the process
• Making sure the process is
being performed as
documented
• Making sure the process
meets its aims
• Monitoring and improving
the process over time
A Process Owner is responsible for ensuring that their process is being performed
according to the agreed and documented process and is meeting the aims of the
process definition. This includes such tasks as:
Documenting and publicizing the process
Defining the Key Performance Indicators (KPIs) to evaluate the effectiveness and
efficiency of the process
Reviewing KPIs and taking action required following the analysis
Assisting with and ultimately responsible for the process design
Improving the effectiveness and efficiency of the process
Reviewing any proposed enhancements to the process
Providing input to the on-going Service Improvement Program
Addressing any issues with the running of the process
Ensuring all relevant staff have the required training in the process and are
aware of their role in the process
Ensuring that the process, roles, responsibilities and documentation are regularly
reviewed and audited
Interfacing with line management, ensuring that the process receives the needed
staff resources. Line management and process owners have complementary
tasks; they need to work together to ensure efficient and effective processes.
Often it is the task of line management to ensure the required training of staff.
The Process Manager role is responsible for operational management of a process.
The Process Manager's responsibilities include planning and co-ordination of all
activities required to carry out, monitor and report on the process.
There may be several Process Managers for one process, for example regional
Change Managers or IT Service Continuity Managers for each data centre.
The Process Manager role is often assigned to the person who carries out the Process
Owner Role, but the two roles may be separate in larger Organizations.
Service Owner
Service Owner
• The Service Owner is
responsible to the Customer
for a particular service
– Initiation and transition
– Ongoing maintenance and
support
– Monitoring and reporting
– Identifying improvement
opportunities
– Prime customer contact
The Service Owner is responsible to the Customer for the initiation, transition and
ongoing maintenance and support of a particular service.
The Service Owner has the following responsibilities:
To act as prime Customer contact for all Service related enquiries and issues
To ensure that the ongoing Service delivery and support meet agreed Customer
requirements
To identify opportunities for Service Improvements, discuss with the Customer
and to raise the RFC for assessment if appropriate
To liaise with the appropriate Process Owners throughout the Service
Management lifecycle
To solicit required data, statistics and reports for analysis and to facilitate
effective Service monitoring and performance
To be accountable to the IT Director for the delivery of the Service
The Service Owner is accountable for a specific service within an organization
regardless of where the underpinning technology components, processes or
professional capabilities reside. Service ownership is as critical to service
management as establishing ownership for processes which cross multiple vertical
silos or departments.
Formal contracts are appropriate for external supply arrangements which make a
significant contribution to the delivery and development of the business. Contracts
provide for binding legal commitments between customer and supplier, and cover the
obligations each organization has to the other from the first day of the contract, often
extending beyond its termination. A contract is used as the basis for external supplier
agreements where an enforceable commitment is required. High-value and/or
strategic relationships are underpinned by a formal contract. The formality and
binding nature of a contract are not at odds with the culture of a partnering
agreement, but rather form the basis upon which trust in the relationship may be
founded.
A contract is likely to be structured with a main body containing the commercial and
legal clauses, and with the elements of a service agreement, attached as schedules.
Contracts may also include a number of other related documents and schedules, for
example:
Security requirements
Business continuity requirements
Mandated technical standards
Migration plans (agreed pre-scheduled change)
Disclosure agreements
Service Portfolio
Service Portfolio
The most effective way of managing all aspects of services through their lifecycle
is by using appropriate management systems and tools to support and automate
efficient processes. The Service Portfolio is the most critical management system
used to support all processes and describes a provider’s services in terms of
business value. It articulates business needs and the provider’s response to those
needs. By definition, business value terms correspond to markets terms,
providing a means for comparing service competitiveness across alternative
providers. By acting as the basis of a decision framework, a service portfolio
either clarifies or helps to clarify the following strategic questions:
Why should a customer buy these services?
Why should they buy these services from you?
What are the pricing or chargeback models?
What are my strengths and weaknesses, priorities and risk?
How should my resources and capabilities be allocated?
Ideally the Service Portfolio should form part of a comprehensive Service Knowledge
Management System (SKMS) and registered as a document in the Configuration
Management System (CMS).
Once a strategic decision to charter a service is made, this is the stage in the service
lifecycle that Service Design begins architecting the service. The Service Portfolio
should contain information relating to every service and its current status within the
organization. The options of status within the Service Portfolio should include:
Requirements: A set of outline requirements have been received from the
business or IT for a new or changed service
Defined: The set of requirements for the new service are being assessed,
defined, and documented and the SLR is being produced
Analyzed: The set of requirements for the new service are being analyzed and
prioritized
Approved: The set of requirements for the new service have been finalized and
authorized
Chartered: The new service requirements are being communicated and
resources and budgets allocated
Designed: The new service and its constituent components are being designed-
and procured, if required
Developed: The service and its constituent components are being developed or
harvested, if applicable
Built: The service and its constituent components are being built
Test: The service and its constituent components are being tested
Released: The service and its constituent components are being released
Operational: The service and its constituent components are operational within
the live environment
Retired: The service and its constituent components have been retired
Customers and users would only be allowed access to those services within the
Service Portfolio that were of a status between “chartered” and “operational”, as
illustrated by the dashed box in the diagram in the slide. This phase describes the
services contained within the Service Catalog. Service Strategy and Service Design
personnel would need access to all records within the Service Portfolio, as well as
other important areas such as Change Management. Other members of the service
provider organization would have access to a permitted subset of the records within
the Service Portfolio. Although the Service Portfolio is designed by Service Design, it
is owned and managed by Service Strategy within the Service Portfolio Management
process.
The Requirements Portfolio is a subset of the overall Service Portfolio and contains
details of all of the business requirements that have not yet become services released
to the live environment. It is used as a basis for the definition, analysis, prioritization
and approval, by the IT Steering Group (ISG) and Service Strategy, of all requests for
new or changed services, to ensure that new and changed services are aligned to
business requirements. It will principally be used as input to the activities of the
Service Strategy and Service Design stages of the service lifecycle. It also provides
valuable input to the activities of the Service Transition stage of the lifecycle in
determining the services to be released. The Service Catalog Management process
must ensure that all of the details within the Service Portfolio are accurate and up to
date as the requirement and its new or changed service is migrated into the live
environment. This will involve close liaison with all Service Transition activities.
Service Catalog
Service Catalog
• Part of the Service Portfolio
• Services available for deployment or use
• Information to be shared with customers
• Business Service Catalog
– Services of interest to customers
• Technical Service Catalog
– Underpinning services of interest to IT
The Portfolio should contain all of the future requirements for services and the
Catalog should contain details of all operational services being provided or those
being prepared for transition to the live environment, a summary of their
characteristics and details of the customers and maintainers of each. A degree of
‘detective work’ may be needed to compile this list and agree it with the customers.
The Service Portfolio is produced as part of Service Strategy and should include
participation by those involved in Service Design, Transition, Operation and
Continual Service Improvement. Once a Service is ‘chartered’ (being developed for
use by customers), Service Design produces the specifications for the service and it is
at this point the Service should be added to the Service Catalog.
Each organization should develop and maintain a policy with regard to both the
Portfolio and the Catalog, with regard to the services recorded within them, what
details are recorded and what statuses are recorded for each of the services. The
policy should also contain details of responsibilities for each section of the overall
Portfolio and the scope of each of the constituent sections.
The Service Catalog Management process produces and maintains the Service
Catalog ensuring that a central, accurate and consistent source of data is provided,
recording the status of all operational services or services being transitioned to the
live environment, together with appropriate details of each service.
Define a framework
Check
Monitor,
Other teams, measure Team & people
e.g. Security & satisfaction
review
Planning for Improvement Initiatives (Plan) - At this stage goals and measures for
success are established, a gap analysis is performed, action steps to close the gap
are defined, and measures to ensure the gap was closed are established and
implemented.
Implementation of Improvement Initiative (Do) - This includes development and
implementation of a project to close the identified gaps, implementation of the
improvement to Service Management processes, and establishing the smooth
operation of the process.
Monitor, Measure and Review Services and Service Management Processes (Check) -
During this stage the implemented improvements are compared to the measures of
success established in the Plan phase. The comparison determines if a gap still exists
between the improvement objectives and the operational process state. Gaps don’t
necessarily require closure. A gap may be considered tolerable if the actual
performance is within allowable limits of performance. At the Check stage, the
expected output is recommendations for improvement. For example,
recommendations to update or modify the Service Catalog, measurements to be
tracked in SLAs, Operating Level Agreements (OLAs) and Underpinning Contracts
(UCs) could also come out of this stage.
Continual Service and Service Management process Improvement (Act) - This stage
requires implementing the actual Service and Service Management process
improvements. A decision to keep the status quo, close the gap or adding necessary
resources needs to be made to determine if further work is required to close
remaining gaps, and to determine the allocation of resources necessary to support
another round of improvement. Project decisions at this stage are the input for the
next round of the PDCA cycle, closing the loop as input to the next Plan stage.
Too many people and too many organizations are looking for the “big-bang”
approach to improvements. It is important to understand that a succession or series of
small planned increments of improvements will not stress the infrastructure as much
and will eventually amount to a large amount of improvement over time.
Governance
Ensures the provision of a corporate strategy and
Governance business plan. Establishes the corporate policies and
enables the strategic direction, objectives, critical
success targets and key results areas.
Corporate
Governance
Assures adherence to legal, industrial and
regulatory requirements.
Corporate Compliance
Establishes IT policy, standards and principles
and assures alignment of IT strategy to IT Governance
corporate business strategy.
IT Compliance
Governance has actually been around the IT arena for decades. The mainframe had
significant controls built around its day-to-day operations. With the advent of
distributed processing in the early 90s, then n-tier processing, the Internet and
increasing virtualization, governance and controls simply went out of fashion, just
when they were the most desperately needed. With the exposure of high level
corporate fraud in the early years of this century, IT was thrust, without warning, into
a completely unfamiliar game with incredibly high stakes. Governance is back with a
vengeance. IT is now forced to comply with sweeping legislation and an ever-
increasing number of external regulations. External auditors are commonplace in
large IT shops. IT can no longer mask their operations behind a veil of secrecy or a
cloud of obfuscation but rather they must run an organization which prides itself on
its transparency.
Corporate Governance
"Corporate governance is about promoting corporate fairness, transparency and
accountability" (J. Wolfensohn, President, World Bank, Financial Times, June 21,
1999). The most recent and highly visible example of a renewed emphasis on
corporate governance is the Sarbanes-Oxley Act (SOX) of 2002 in the United States.
Created in the aftermath of fraudulent behavior by corporate giants, SOX demands
corporate fairness, mandates complete transparency of transactions and holds
executives accountable for any material deficiencies. The accountability provisions in
SOX include criminal charges and incarceration for non-compliance.
IT Governance
“IT governance is the responsibility of the board of directors and executive
management. It is an integral part of enterprise governance and consists of the
leadership, organizational structures and processes that ensure that the
organization’s IT sustains and extends the organization’s strategies and objectives”.
(Board Briefing on IT Governance, 2nd Edition, 2003, IT Governance Institute - ITGI).
On one hand, IT must now comply with new rules and legislation and continually
demonstrate their compliance through successful independent audits by external
organizations. On the other hand, IT is increasingly being called upon to “do more
with less” and create additional value while maximizing the use of existing resources.
These increasing pressures dovetail perfectly with the basic premise of ITIL: IT is a
service business. Existing internal IT organizations must transform themselves into
effective and efficient IT service providers or they will cease to be relevant to the
business and, soon after, cease to exist. This continual and unceasing drive toward
greater business value with greater internal efficiency is at the heart of Continual
Service Improvement.
Compliance
“Compliance ensures that a Standard or set of Guidelines is followed, or that proper,
consistent accounting or other practices are being employed.”
Service Operation
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Service Operation
Service
Transition
• Processes
– Event Management
– Incident Management
– Request Fulfillment
– Problem Management
– Access Management
• Functions
– Service Desk
– Technical Management
– IT Operations Management
– Application Management
Event Management
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Event Management
Service
Transition
• Objectives
• Basic concepts
• Roles
Service
Service
Strategy
Service
Operation ITIL
Event Management’s main objective is the ability to detect Events, make sense of
them, and determine the appropriate control action.
In addition:
If these events are programmed to communicate operational information as well
as warnings and exceptions, they can be used as a basis for Operational
Monitoring and Control, automating many routine Operations Management
activities.
Event Management provides a way of comparing actual performance and
behavior against design standards and Service Level Agreements.
Service
Service
Strategy
Service
Operation ITIL
• Event
An alert or notification created by any IT Service, Configuration
Item or monitoring tool. For example a batch job has completed.
Events typically require IT Operations personnel to take actions,
and often lead to Incidents being logged.
• Event Management
The Process responsible for managing Events throughout their
Lifecycle.
• Alert
Something that happens that triggers an event or a call for action
or human intervention after the event is filtered
Definition of an Event
Events are typically alerts or notifications created by an IT Service, Configuration Item
(CI) or monitoring tool.
Events can be formally defined as any detectable or discernable occurrence that has
significance for the management of the IT infrastructure or the delivery of IT service
and evaluation of the impact a deviation might cause to the services.
Examples of an Event:
A batch job has completed
A switch on the network needs to stay on, and Event Management tools confirm
this by monitoring responses to “pings”
Software license monitoring has detected that the number of licenses allocated
has reached a limit
A device’s CPU is above the acceptable utilization rate
Event Management
Event Management is the process responsible for managing Events throughout their
Lifecycle, that is, occurrence, detection, filtering, triggering some kind of action if
necessary, review and close.
Service
Service
Strategy
Service
Operation ITIL
Exception
Filter Warning
Information
Events occur continuously, but not all of them are detected or registered.
Once an Event Notification has been generated, it will be detected by an agent
running on the same system, or transmitted directly to a management tool specifically
designed to read and interpret the meaning of the Event.
Filtering then occurs, to decide whether to continue treating the Event or to ignore it.
If ignored, the Event will usually be recorded in a log file on the device, but no
further action will be taken.
If not ignored, the first level of correlation is performed, i.e. the determination of
whether the Event is Informational, a Warning, or an Exception (see next
pages). This correlation is usually done by an agent that resides on the CI or on
a server that the CI is connected to.
The filtering step is not always necessary. For some CIs, every Event is significant and
moves directly into a management tool’s correlation engine, even if it is duplicated.
Also, it may have been possible to turn off all unwanted Event notifications.
Service
Service
Strategy
Service
Operation ITIL
Incident Incident
Management
Incident/
Problem Problem
Exception Problem/
Change
Management
RFC Change
Management
Every organization will have its own categorization of the significance of an Event,
but it is suggested that at least these 3 broad categories be represented:
Informational
Warning
Exception
If the output of Filtering is an Exception, it means that a service or device is currently
operating abnormally (however that has been defined).
Typically this means that an OLA and SLA have been breached and the Business is
being impacted. Exceptions could represent a total failure, impaired functionality or
degraded performance.
Please note, though, that an Exception does not always represent an
Incident/Problem. For example, an exception could be generated when an
unauthorized device is discovered on the network. This can be managed by using
either an Incident Record or a Request for Change (or even both) depending on the
organization’s Incident and Change Management policies.
Service
Service
Strategy
Service
Operation ITIL
Incident
Incident/
Do any one or Problem/ Problem
Change
combination of
… RFC
Alert Human
Intervention
Warning
Auto Response
Information Log
If the output of Filtering is Informational, it refers to an Event that does not require any
action, and does not represent an exception. They are typically stored in the system
or service log files and kept for a predetermined period.
Informational Events are typically used:
To check on the status of a device or service
To confirm the successful completion of an activity
To generate statistics, such as the number of users logged on
As an input to investigations, such as which jobs completed successfully before
the transaction processing queue hung
Examples of Informational Events include:
A device has come online
A job in the batch queue completes successfully
A user logs onto an application
A transaction is completed successfully
Service
Service
Strategy
Service
Operation ITIL
Incident Management
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Incident Management
Service
Transition
• Objectives
• Scope
• Business value
• Basic concepts
• Activities
• Interfaces
• Key metrics
• Roles
• Challenges
Service
Service
Strategy
Service
Operation ITIL
The primary goal of the Incident Management process is to restore normal service
operation as quickly as possible and minimize the adverse impact on business
operations, thus ensuring that the best possible levels of service quality and
availability are maintained.
‘Normal service operation’ is defined here as service operation within Service Level
Agreement (SLA) limits.
Service
Service
Strategy
Service
Operation ITIL
Incident Management includes any Event which disrupts, or which could disrupt, a
service.
This includes Events which are communicated directly by users, either through the
Service Desk or through an interface from Event Management to Incident
Management tools.
Incidents can also be reported and/or logged by technical staff (if for example they
notice something untoward with hardware or network component they may report or
log an incident and refer it to the Service Desk).
This does not mean, however, that all Events are Incidents. Many classes of Events
are not related to disruptions at all, but are indicators of normal operation or are
simply informational (see previous section).
Although both Incidents and Service Requests are reported to the Service Desk, this
does not mean that they are the same. Service Requests do not represent a disruption
to agreed service, but are a way of meeting the customer’s needs and may be
addressing an agreed target in a Service Level Agreement. Service Requests are
dealt with by the Request Fulfillment process (see next section).
Service
Service
Strategy
Service
Operation ITIL
Service
Service
Strategy
Service
Operation ITIL
• An Incident
– An unplanned interruption or reduction in the quality of an IT
Service
– Any event which could affect an IT Service in the future is also
an Incident
• Timescales
• Incident Models
• Major Incidents
Incident
In ITIL terminology, an ‘Incident’ is defined as: “An unplanned interruption to an IT
service or reduction in the quality of an IT service”.
Any Event, such as a failure of a configuration item that has not yet impacted service
is also an Incident. For example failure of one disk from a mirror set.
Timescales
Timescales must be agreed for all incident handling stages (these will differ
depending upon the priority level of the incident) – based upon the overall incident
response and resolution targets within Service Level Agreements – and captured as
targets within Operational Level Agreements and Underpinning Contracts. All
support groups should be made fully aware of these timescales.
Incident models
Many incidents are not new – they involve dealing with something that has
happened before – and may well happen again. For this reason many organizations
will find it helpful to predefine ‘standard’ incident models – and apply them to
appropriate incidents when they occur. An incident model is a way of predefining
the steps that should be taken to handle a process (in this case a process for dealing
with a particular type of incident) in an agreed way. The incident model should
include:
The steps that should be taken to handle the incident
The chronological order these steps should be taken in, with any dependences
or co processing defined
Responsibilities; who should do what
Major incidents
A separate procedure, with shorter timescales and greater urgency, must be used for
‘major’ incidents. A definition of what constitutes a major incident must be agreed
and ideally mapped on to the overall incident prioritization system – such that they
will be dealt with through the major incident process.
Note
People sometimes use loose terminology and/or confuse a Major Incident with a
Problem. In reality an incident remains an incident forever – it may grow in
impact or priority to become a Major Incident, but an incident never ‘becomes a
Problem’.
Service
Service
Strategy
Service
Operation ITIL
From Event Mgmt From Web Interface User Phone Call Email Technical Staff
Incident Identification
Incident Logging
Incident Categorization
Yes
Service Request? To Request Fulfilment
No
Incident Prioritization
Yes
Major Incident Procedure Major Incident?
No
Initial Diagnosis
Incident Closure
End
© Crown Copyright 2007. Reproduced under licence from OGC.
Incident identification
Work cannot begin on dealing with an incident until it is known that an incident has
occurred. It is usually unacceptable, from a business perspective, to wait until a user
is impacted and contacts the Service Desk. As far as possible all key components
should be monitored so that failures or potential failures are detected early so that
the incident management process can be started quickly.
Incident logging
All incidents must be fully logged and date/time stamped, regardless of whether they
are raised through a Service Desk telephone call or whether automatically detected
via an event alert.
All relevant information relating to the nature of the incident must be logged so that a
full historical record is maintained. The information needed for each incident is likely
to include:
Unique reference number
Incident categorization (often broken down into between 2-4 levels of sub
categories)
Incident urgency, impact, priority
Date/time recorded
Name/id of the person and/or group recording the Incident
Name/department/phone/location of user
Description of symptoms
Incident status (active, waiting, closed etc.)
Related Configuration Item
Support group/person to which the Incident is allocated
Related Problem/Known Error
Activities undertaken to resolve the incident
Resolution date and time
Closure category
Closure date and time
Incident categorization
Part of the initial logging must be to allocate suitable incident categorization coding
so that the exact type of the call is recorded. Multi-level categorization is available in
most tools – usually to three or four levels of granularity. For example an incident may
be categorized as:
Hardware
• Server
Memory Board
• Cell Card Failure
Or:
Software
• Application
Finance Suite
• Purchase Order System
Incident prioritization
Another important aspect of logging every incident is to agree and allocate an
appropriate prioritization code – as this will determine how the incident is handled
both by support tools and support staff.
Prioritization can normally be determined by taking into account both the urgency of
the Incident (how quickly the business needs a resolution), and the level of impact it
is causing.
An effective way of calculating these elements and deriving an overall priority level
for each incident is given in the simple table below:
Impact
High Medium Low
High 1 2 3
Urgency Medium 2 3 4
Low 3 4 5
Initial diagnosis
If the incident has been routed via the Service Desk, the Service Desk Operator must
carry out initial diagnosis, typically while the user is still on the telephone - if the call
is raised in this way, to try and discover the full symptoms of the incident and to
determine exactly what has gone wrong and how to correct it. It is at this stage that
diagnostic scripts and known error information can be most valuable in allowing
earlier and accurate diagnosis.
If the Service Desk Operator cannot resolve the incident while the user is still on the
telephone, but there is a prospect that the Service Desk may be able to do so within
the agreed time limit without assistance from other support groups, they should
inform the user of their intentions, give the user the incident reference number, and
attempt to find a resolution.
Incident escalation
1. Functional escalation
As soon as it becomes clear that the Service Desk is unable to resolve the
incident themselves or when target times for first point resolution have been
exceeded (whichever comes first), the incident must be immediately escalated for
further support (second-level, third-level support group, external vendors, etc.).
Note
Incident Ownership remains with the Service Desk! Regardless of where an
incident is referred to during its life, ownership of the incident remains with the
Service Desk at all times. The Service Desk remain responsible for tracking
progress, keeping users informed and ultimately for incident closure.
2. Hierarchic escalation
If incidents are of a serious nature, the appropriate IT managers must be
notified, for informational purposes at least. Hierarchic escalation is also used if
the “Investigation and Diagnosis”, and “Resolution and Recovery” steps are
taking too long or proving too difficult. Hierarchic escalation should continue up
the management chain so that senior managers are aware and can be
prepared and take any necessary action, such as allocating additional resources
or involving suppliers/maintainers.
Incident Closure
The Service Desk should check that the incident is fully resolved and that the users
are satisfied and willing to agree the incident can be closed. The Service Desk
should also:
Assign correct Closure Categorization
Conduct a User Satisfaction Survey
Create/review useful Incident Documentation
Determine (in conjunction with resolver groups) whether it is likely that the
incident could recur and decide whether any preventative action is necessary to
avoid this. In conjunction with Problem Management, raise a problem record in
all such cases so that preventative action is initiated.
Formally Close the Incident record
Service
Service
Strategy
Service
Operation ITIL
• Problem Management
• Service Asset and Configuration Management (SACM)
• Change Management
• Capacity Management
• Availability Management
• Service Level Management
• Event Management
Service
Service
Strategy
Service
Operation ITIL
The metrics that should be monitored and reported upon to judge the efficiency and
effectiveness of the Incident Management process, and its operation, can be seen in
the slide.
Reports should be produced under the authority of the Incident Manager, who should
draw up a schedule and distribution list, in collaboration with the Service Desk and
support groups handling Incidents. Distribution lists should at least include IT services
management and specialist support groups. Consider also making the data available
to Users and Customers, for example via SLA reports.
Service
Service
Strategy
Service
Operation ITIL
• Incident Manager
– May be performed by Service Desk Supervisor
• Super Users
• First-Line Support
– Usually Service Desk Analysts
• Second-Line Support
• Third-Line Support (Technical Management, IT Operations,
Application Management, Third-party suppliers)
Incident Manager
An Incident Manager has the responsibility for:
Monitoring and driving the efficiency and effectiveness of the Incident
Management process and making recommendations for improvement
Producing management information
Managing the work of Incident support staff (first-and second-line)
Developing and maintaining the Incident Management systems
Managing Major Incidents
Developing and maintaining the Incident Management process and procedures
In many organizations the role of Incident Manager is assigned to the Service Desk
supervisor – though in larger organizations with high volumes a separate role may
be necessary. In either case it is important that the Incident Manager is given the
authority to manage Incidents effectively through 1st, 2nd and 3rd line.
‘Super Users’
This role will consist of business users who act as liaison points with IT in general and
the Service Desk in particular. The role of the Super User can be summarized as
follows:
To facilitate communication between IT and the Business at an operational level
To reinforce expectations of users regarding what Service Levels have been
agreed
Staff training for users in their area
Providing support for minor incidents or simple request fulfillment
Involvement with new releases and roll-outs
First-line support
The primary Service Desk analyst role is that of providing first-line support through
taking calls and handling the resulting incidents or service requests using the incident
and request fulfillment processes.
Second-line support
Many organizations will choose to have a second-line support group, made up of
staff with greater (though still general) technical skills than the Service Desk – and
with additional time to devote to incident diagnosis and resolution without
interference from telephone interruptions.
Third-line support
Third-line support will be provided by a number of internal technical groups and/or
third party suppliers/maintainers. The list will vary from organization to organization
but is likely to include:
Network Support and Voice Support (if separate)
Server Support and Desktop Support
Application Management – likely that there may be separate teams for different
applications or application types – some of which may be external
supplier/maintainers.
Database Support
Hardware Maintenance Engineers
Environmental Equipment Maintainers/Suppliers
Service
Service
Strategy
Service
Operation ITIL
Request Fulfillment
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Request Fulfillment
Service
Transition
• Objectives
• Basic concepts
• Roles
Service
Service
Strategy
Service
Operation ITIL
Service
Service
Strategy
Service
Operation ITIL
• Service Request
– A request from a User for information or advice, or for a
Standard Change. For example
• To reset a password, or to provide standard IT Services for a new
User.
• Request Model
Service request
The term ‘service request’ is used as a generic description for many varying types of
demands that are placed upon the IT department by the users. Many of these are
actually small changes – low risk, frequently occurring, low cost etc. For example:
A request to change a password
A request to install an additional software application onto a particular
workstation
A request to relocate some items of desktop equipment
A question requesting information
But their scale, frequency and low risk nature means that they are better handled by
a separate process, rather than being allowed to congest and obstruct the normal
incident and change management processes.
Request Models
Many service requests will be frequently recurring, so a predefined process-flow (a
model) can be devised to include the stages needed to fulfill the request, the
individuals or support groups involved, target timescales and escalation paths.
To assist with this, many organizations will wish to create predefined Request Models
(which typically include some form of pre-approval by Change Management). This is
similar in concept to the idea of Incident Models already described in the previous
section, but applied to service requests. Such Service Requests will usually be
satisfied by implementing a standard change. The ownership of service requests
resides with the service desk, which monitors, escalates, dispatches and often fulfils
the user request.
Self Help
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
–Improve responsiveness
–Reduce costs
–Extend hours of service
–Reduce demand on IT staff
Web based front end –Improve quality
menu driven shopping
cart experience
Incident Management
Request Fulfillment
Change Management
Deployment
Access Management
Asset or
CMBD
Request fulfillment offers great opportunities for self-help practices where users can
generate a service request using technology that links into service management tools.
Ideally users should be offered a ‘menu’ type selection via a web interface so that
they can select and input details of service requests from a predefined list –where
appropriate expectations can be set by giving target delivery and/or implementation
targets/dates (in line with SLA targets).
Where organizations are offering a Self-Help IT support capability to the users, for
Incident, Change and/or Access Management, it would make sense to combine this
with a Request Fulfillment system as described.
Specialist web tools to offer this type of ‘shopping cart’ experience can be used and
interfaces directly to the back-end integrated ITSM tools, or other more general
business process automation or ERP/CRM tools that may be used for management of
the request fulfillment activities.
A Request Fulfillment system offers significant opportunities to:
Improve Responsiveness
Reduce Costs
Extend Hours of Service
Reduce demand on IT staff
Improve Quality
Service
Service
Strategy
Service
Operation ITIL
In most cases there will be no need for additional roles or posts to be created
exclusively to Request Fulfillment.
Initial handling of Service Requests will be undertaken by the Service Desk and
Incident Management staff.
Eventual fulfillment of the request will be undertaken by the appropriate Service
Operation team(s) or departments and/or by external suppliers, as appropriate.
Often Facilities Management, Procurement and other business areas aid in the
fulfillment of the service request.
In exceptional cases where a very high number of Service Requests are handled, or
where the requests are of critical importance to the organization, it may be
appropriate to have one or more of the Incident Management team dedicated to
handling and managing Service Requests.
Problem Management
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Problem Management
Service
Transition
• Objectives
• Basic concepts
• Roles
Service
Service
Strategy
Service
Operation ITIL
Problem Management is the process responsible for managing the Lifecycle of all
Problems.
Service
Service
Strategy
Service
Operation ITIL
Basic concepts (1 of 2)
Service
Transition
• Problem
– The cause of one or more incidents
• Problem Models
• Workaround
• Known Error
• Known Error Database
Problem
ITIL defines a ‘Problem’ as the cause of one or more incidents.
Problem Models
Many problems will be unique and will require handling in an individual way – but it
is conceivable that some incidents may re-occur because of dormant or underlying
problems (for example where the cost of a permanent resolution will be high and a
decision has been taken not to go ahead with an expensive solution – but to ‘live
with the problem’). As well as creating a Known Error Record in the Known Error
Database to ensure quicker diagnosis, the creation of a Problem Model for handling
such problems in the future may be helpful. This is very similar in concept to the idea
of Incident Models, already described, but applied to Problems as well as Incidents.
Workarounds
In some cases it may be possible to find a workaround to the incidents caused by the
Problem - a temporary way of overcoming the difficulties.
For example, a manual amendment may be made to an input file to allow a program
to complete its run successfully and allow a billing process to complete satisfactorily,
but it is important that work on a permanent resolution continues where this is
justified – in this example the reason why the file became corrupted in the first place
must be found and corrected to prevent this happening again.
Known Error
As soon as the diagnosis is complete and particularly where a workaround has been
found (even though it may not yet be a permanent resolution) a Known Error record
must be raised and placed in the Known Error Database – so that if further incidents
or problems arise they can be identified and the service restored more quickly.
However, in some cases it may be advantageous to raise a Known Error record even
earlier in the overall process – just for information purposes for example - even
though the diagnosis may not be complete or a workaround found – so it is
inadvisable to set a concrete procedural point exactly when a Known Error record
must be raised. It should be done as soon as it becomes useful to do so.
Service
Service
Strategy
Service
Operation ITIL
Basic concepts (2 of 2)
Service
Transition
Proactive Problem
Service Desk Event Management Incident Management Management Supplier or Contractor
Problem Detection
Problem Logging
Categorization
Prioritization
Workaround?
Create Known
Error Record Known Error
Database
Yes
Change Management Change Needed?
No
Resolution
Closure
End
Service
Service
Strategy
Service
Operation ITIL
• Problem Manager
• Supported by technical groups
– Technical Management
– IT Operations
– Application Management
– Third-party suppliers
The following roles are needed for the Problem Management process:
Problem Manager
There should be a designated person (or in larger organizations, a team) responsible
for Problem Management. Smaller organizations may not be able to justify a full time
resource for this role, and it can be combined with other roles in such cases, but it is
essential that it not just left to technical resources to perform. There needs to be a
single point of coordination and an owner of the Problem Management process.
This role will coordinate all problem management activities and will have specific
responsibility for:
Liaison with all problem resolution groups to ensure swift resolution of problems
within SLA targets
Ownership and protection of the Known Error Database
Gatekeeper for the inclusion of all Known Errors and management of search
algorithms
Formal closure of all Problem records
Liaison with suppliers, contractors etc to ensure that third parties fulfill their
contractual obligations, especially with regards to resolving problems and
providing problem-related information and data
Arranging, running, documenting and all follow-up activities relating to Major
Problem Reviews
Access Management
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Access Management
Service
Transition
• Objectives
• Basic concepts
• Roles
Service
Service
Strategy
Service
Operation ITIL
Access Management provides the right for users to be able to use a service or group
of services, thus preventing access to non-authorized users.
It is therefore the execution of policies and actions defined in Information Security
Management and Availability Management.
Service
Service
Strategy
Service
Operation ITIL
• Access
• Identity
• Rights
• Service or Service Groups
• Directory Services
Access Management is the process that enables users to use the services that are
documented in the Service Catalog. It comprises the following basic concepts:
Access refers to the level and extent of a service’s functionality or data that a
user is entitled to use.
Identity refers to the information about the user that distinguishes them as an
individual, and which verifies their status within the organization. By definition,
the Identity of a user is unique to that user.
Rights (also called privileges) refer to the actual settings whereby a user is
provided access to a service or group of services. Typical rights or levels of
access include read, write, execute, change, delete.
Services or Service groups. Most users do not only use one service, and users
performing a similar set of activities will use a similar set of services. Instead of
providing access to each service for each user separately, it is more efficient to
be able to grant each user – or group of users – access to the whole set of
services that they are entitled to use at the same time.
Directory Services refers to a specific type of tool that is used to manage access
and rights.
Service
Service
Strategy
Service
Operation ITIL
Service
Service
Strategy
Service
Operation ITIL
Service Desk
IT Operations
Management
Technical Application
Management Management
Operations Control
Facilities Management
The following Service Operation functions are needed to manage the ‘steady state’
operational IT environment.
IT Operations Management
Facilities Management
Server HR Apps
Data Centres
Recovery Sites
Consolidation
Network Business Apps
Contracts
Storage
Database
Directory
Services
Desktop
Middleware
Internet/Web
Service Desk
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Service Desk
Service
Transition
The exact nature, type, size and location of a Service Desk will vary, depending
upon the type of business, number of users, geography, complexity of calls, scope of
services and many other factors, but in alignment to customer and business
requirements. The primary options are detailed below, but in reality an organization
may need to implement a structure that combines a number of these options in order
to fully meet the business needs:
Local Service Desk — This is where a desk is co-located within or physically
close to the user community it serves. This often aids communication and gives a
clearly visible presence which some users like, but can often be inefficient and
expensive to resource as staff is tied up waiting to deal with incidents, when the
volume and arrival rate of calls may not justify this.
Service Desk
Service Desk
Second Line
Support
Virtual Service Desk — Through the use of technology, particularly the Internet,
and the use of corporate support tools, it is possible to give the impression of a
single, centralized Service Desk when in fact the personnel may be spread or
located in any number or type of geographical or structural locations. This
brings in the option of ‘home working’, secondary support group, off-shoring or
outsourcing – or any combination necessary to meet user demand. It is
important to note however that safeguards are needed in all of these
circumstances to ensure consistency and uniformity in service quality and cultural
terms.
San Francisco
Service Desk
Paris
Service Desk Rio de
Janeiro
Service Desk
Virtual
Service Desk
Sydney
Beijing Service Desk
Service Desk
Service
Knowledge
Management
System
London
Service Desk
Service
Service
Strategy
Service
Operation ITIL
Service Desk
Service
Service
Strategy
Service
Operation ITIL
Service Desk
Second Line
Support
Service
Service
Strategy
Service
Operation ITIL
San Francisco
Service Desk
Paris
Service Desk Rio de
Janeiro
Service Desk
Virtual
Service Desk
Sydney
Beijing Service Desk
Service Desk
Service
Knowledge
Management
System
London
Service Desk
© Crown Copyright 2007. Reproduced under licence from OGC.
Service
Service
Strategy
Service
Operation ITIL
The primary aim of the Service Desk is to restore the ‘normal service’ to the users as
quickly as possible. In this context ‘restoration of service’ is meant in the widest
possible sense. While this could involve fixing a technical fault, it could equally
involve fulfilling a service request or answering a query – anything that is needed to
allow the users to return to working satisfactorily.
Specific responsibilities will include:
Logging all relevant incident/service request details, allocating categorization
and prioritization codes
Providing first-line investigation and diagnosis, and possibly resolving those
incidents/service requests they are able
Escalating incidents/service requests that they cannot resolve within agreed
timescales
Communication with users — keeping users informed of progress, notifying them
of impending changes or agreed outages etc.
Closing all resolved Incidents, Requests and other calls
Note
These activities are explained and set in context with the fuller Incident
Management and Request Fulfillment process in previous sections.
Configuration Management System (CMS) — A set of tools and databases that are
used to manage an IT Service Provider's Configuration data. The CMS also includes
information about Incidents, Problems, Known Errors, Changes and Releases; and
may contain data about employees, Suppliers, locations, Business Units, Customers
and Users. The CMS includes tools for collecting, storing, managing, updating, and
presenting data about all Configuration Items and their Relationships. The CMS is
maintained by Configuration Management and is used by all IT Service
Management Processes. See Configuration Management Database, Service
Knowledge Management System.
Service
Service
Strategy
Service
Operation ITIL
An organization must ensure that the correct number of staff is available at any given
time to match the demand being placed upon the desk by the business. Call rates
can be very volatile and often in the same day the arrival rate may go from very
high to very low and back again.
An organization planning a new desk should attempt to predict the call arrival rate
and profile – and to staff accordingly. Statistical analysis of call arrival rates under
current support arrangements must be undertaken and then closely monitored and
adjusted as necessary.
Many organizations will find that call rates peak during the start of the office day
and then fall off quickly, perhaps with another burst in the early part of the afternoon
— this obviously varies depending upon the organization’s business but is an often
occurring pattern for many organizations. In such circumstances it may be possible to
utilize part-time staff, home-workers, second-line support staff or third parties to cover
the peaks.
Service
Service
Strategy
Service
Operation ITIL
Average time to resolve an incident (when resolved at first line) and average
time to escalate an incident (where first-line resolution is not possible)
Average Service Desk cost of handling an incident. Two metrics should be
considered here:
• Total cost of the Service Desk divided by the number of calls
• Total costs for the period divided by total call duration minutes
Percentage of customer or user updates conducted within target times, as
defined in SLA targets
Average time to review and close a resolved call
The number of calls broken down by time of day and day of week, combined
with the average call-time metric (critical in determining the number of staff
required)
Technical Management
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Technical Management
Service
Transition
Service
Service
Strategy
Service
Operation ITIL
The following list provides some examples of typical Technical Management teams or
departments:
Mainframe team or department – if one or more mainframe types are still being
used by the organization
Server team or department – often split again by technology types (for example
Unix Server, Wintel Server)
Storage team or department, responsible for the management of all data
storage devices and media
Network Support team or department, looking after the organizations internal
WANs/LANs and managing any external network suppliers
Desktop team or department, responsible for all installed desktop equipment
Database team or department, responsible for the creation, maintenance and
support of the organizations databases
Middleware team or department, responsible for the integration, testing and
maintenance of all middleware in use in the organization
Directory Services team or department, responsible for maintaining access and
rights to service elements in the infrastructure
Internet or Web team or department, responsible for managing the availability
and security of access to servers and content by external customers, users and
partners
Messaging team or department responsible for email services
IP based telephony team or department (for example Voice over IP)
Service
Service
Strategy
Service
Operation ITIL
The objectives of Technical Management are to help plan, implement and maintain a
stable technical infrastructure to support the organizations business processes
through:
Well designed and highly resilient, cost-effective technical infrastructure
configuration
The use of adequate technical skills to maintain the technical infrastructure in
optimum condition
Swift use of technical skills to speedily diagnose and resolve any technical
failures that do occur
Service
Service
Strategy
Service
Operation ITIL
• Technical Managers
• Team Leaders
• Technical Analysts/Architects
• Technical Operator
IT Operations Management
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
IT Operations Management
Service
Transition
In business, the term ‘Operations Management’ is used mean the department, group
or team of people responsible for performing the organization’s day-to-day
operational activities – such as running the production line in a manufacturing
environment or managing the distribution centers and fleet movements within a
logistics organization.
In a similar way, IT Operations Management can be defined as the function
responsible for the ongoing management and maintenance of an organization’s IT
Infrastructure to ensure delivery of the agreed level of IT services to meet stated
Business Objectives.
Operations Control, an activity of IT Operations Management, oversees the execution
and monitoring of the operational activities and events in the IT Infrastructure and
performs the following tasks:
Console Management, which refers to defining central observation and
monitoring capability and then using those consoles to exercise monitoring and
control activities
Job Scheduling, or the management of routine batch jobs or scripts
Backup and Restore on behalf of all Technical and Application Management
teams and departments and often on behalf of users
Print and Output management for the collation and distribution of all centralized
printing or electronic output
Performance of maintenance activities on behalf of Technical or Application
Management teams or departments
Facilities Management, which refers to the management of the physical IT
environment, typically a data centre or computer rooms and recovery sites
together with all the power and cooling equipment
Operations Bridge which is a physical location where IT Services and IT
Infrastructure are monitored and managed
Network Operations Center which is a physical location where networks are
monitored and managed
Service
Service
Strategy
Service
Operation ITIL
Service
Service
Strategy
Service
Operation ITIL
• IT Operations Manager
• Shift Leaders
• IT Operations Analysts
• IT Operators
• Liaise with the other shift leader(s) to ensure hand-over, continuity and
consistency between the shifts
• Act as line-manager for all Operations Analysts on his/her shift
• Assume overall health & safety, and security responsibility for the shift
(unless specifically designated to other staff members)
IT Operations Analysts—- Senior IT Operations staff who are able to determine
the most effective and efficient way to conduct a series of operations, usually in
high-volume, diverse environments. This role is normally performed as part of
Technical Management, but large organizations may find that the volume and
diversity of operational activities requires some more in-depth planning and
execution. Examples include Job Scheduling and the definition of a Back-up
strategy and schedule.
IT Operators — Staff who perform the day-to-day operational activities that are
defined in Technical or Application Management and, in some cases, IT
Operations Analysts. Typical Operator roles include:
• Performing Back-ups
• Console operations, i.e. monitoring the status of specific systems, job
queues, etc and providing 1st level intervention if appropriate
• Managing print devices, restocking with paper, toner, etc
• Ensuring that batch jobs, archiving, etc. are performed
• Running scheduled house-keeping jobs, such as database maintenance, file
clean-up, etc.
• Burning images for distribution and installation on new servers, Desktops or
laptops
• Physical installation of standard equipment in the data centre
Application Management
Service
Service
Design
Design
Service
Service
Strategy
Service
Operation ITIL
Application Management
Service
Transition
Service
Service
Strategy
Service
Operation ITIL
Service
Service
Strategy
Service
Operation ITIL
Service
Service
Design
Design
Service
Service
Strategy
Service
ITIL
Service
Transition
Service
Service
Design
Design
Service
Service
Strategy
Service
ITIL
Service
Transition
Successful ITSM requires an understanding of the way in which work is done and
putting in place a Program of Change within the IT organization. This type of
Change is, by its very nature, prone to difficulties. It involves people and the way
they work. People generally do not like to change; the benefits must be explained to
everyone to gain their support and to ensure that they break out of old working
practices.
Those responsible for managing and steering organizational change should
consciously address these softer issues. Using an approach such as John Kotter’s
'Eight steps to transforming your organization', coupled with formalized Project
Management skills and practices, will significantly increase the chance of success.
John P. Kotter, Professor of Leadership at Harvard Business School, investigated more
than 100 companies involved in, or having attempted a complex organizational
change program and identified 'Eight main reasons why transformation efforts fail'.
The main eight reasons, which are shown in the following figure, apply equally to IT
Service Management implementation programs.
[Steps]
‘…without a sensible vision transformation effort can easily dissolve into a list of
3
Creating a vision confusing, incompatible projects that can take the organization in the wrong direction,
or nowhere at all…’
‘…an explanation of 5 minutes should obtain reaction of ‘understanding’ and ‘interest’’
‘…without credible communication, and a lot of it, the hearts and minds of the
4 troops are never captured.’
Communicating the
vision ‘…make use of all communication channels’
‘…let managers lead by example..’”walk the talk”
6 ‘…real transformation takes time…without quick wins too many people give up
Planning for and
or join the ranks of those opposing Change’
creating quick wins
‘…actively look for performance improvements and establish clear goals..’
‘…communicate successes.’
‘…until Changes sink deeply into the culture new approaches are fragile and
7 Consolidating
subject to regression.’
improvements and
‘…in many cases workers revert to old practice.’
producing more Change
‘…use credibility of quick wins to tackle even bigger problems.’
8 ‘…show how new approaches, behaviour and attitude have helped improve
Institutionalising the
performance.’
Change
‘…ensure selection and promotion criteria underpin the new approach.’
Quotes
Service
Service
Design
Design
Service
Service
Strategy
Service
ITIL
Service
Transition
Did we Measurement
and
get there? metrics
As the above figure shows, there are many opportunities for CSI. The figure above
also illustrates a constant cycle for improvement. The improvement process can be
summarized in six steps:
Embracing the vision by understanding the high-level business objectives. The
vision should align the business and IT strategies.
Assessing the current situation to obtain an accurate, unbiased snapshot of
where the organization is right now. This baseline assessment is an analysis of
the current position in terms of the business, organization, people, process and
technology.
Understanding and agreeing on the priorities for improvement based on a
deeper development of the principles defined in the vision. The full vision may
be years away but this step provides specific goals and a manageable
timeframe.
Detailing the CSI plan to achieve higher quality Service provision by
implementing ITSM processes.
Verify that measurements and metrics are in place to ensure that milestones were
achieved, process compliance is high, and business objectives and priorities
were met by the level of service.
Finally, the process should ensure that the momentum for quality improvement is
maintained by assuring that changes become embedded in the organization.
Service
Service
Design
Design
Service
Service
Strategy
Service
ITIL
Service
Transition
Service Measurement is the ability to predict and report service performance against
the established target of achievements of an end-to-end service. Being able to
measure against a service is directly linked to the components, systems and
application that are being monitored and reported on. Service Measurement will
require someone to take the individual measurements and combine them to provide a
view of the true customer experience. Too often we provide a report against a
component, system or application but don’t provide the true Service Level as
experienced by the customer.
One of CSI’s key set of activities is to measure, analyze and report on IT Services
and ITSM results. Measurements will, of course, produce data. This data should be
analyzed over time to produce a trend. The trend will tell a story that may be good
or bad. It is essential that measurements of this kind have ongoing relevance. What
was important to know last year may no longer be pertinent this year
As part of the measuring process it is important to regularly confirm that the data
being collected and collated is still required and that measurements are adjusted
where necessary. This responsibility falls on the owner of each report or dashboard.
They are the individuals designated to keep the reports useful and to make sure that
something is being done with the results.
Why do we measure?
Continual Service
Improvement
Service
Service
Design
Design
Service
Service
Strategy
Service
ITIL
Why do we measure?
Operation
Service
Transition
To Validate To Justify
To Intervene To Direct
Changes,
Targets and Metrics
corrective actions
Why do we measure?
To validate — monitoring and measuring to validate previous decisions
To direct — monitoring and measuring to set direction for activities in order to
meet set targets. It is the most prevalent reason for monitoring and measuring
To justify — monitoring and measuring to justify, with factual evidence or proof,
that a course of action is required
To intervene — monitoring and measuring to identify a point of intervention
including subsequent changes and corrective actions
The four basic reasons to monitor and measure lead to three key questions: “Why
are we monitoring and measuring?”, “When do we stop?” and “Is anyone using the
data?” To answer these questions, it is important to identify which of the above
reasons is driving the measurement effort. Too often, we continue to measure long
after the need has passed. Every time you produce a report you should ask, “Do we
still need this?”
Types of metrics
Continual Service
Improvement
Service
Service
Design
Design
Service
Service
Strategy
Service
ITIL
Types of metrics
Operation
Service
Transition
Critical Success Factor (CSF) — Something that must happen if a Process, Project,
Plan, or IT Service is to succeed. KPIs are used to measure the achievement of each
CSF. For example a CSF of "protect IT Services when making Changes" could be
measured by KPIs such as "percentage reduction of unsuccessful Changes",
"percentage reduction in Changes causing Incidents" etc.
Key Performance Indicator (KPI) — A Metric that is used to help manage a Process,
IT Service or Activity. Many Metrics may be measured, but only the most important of
these are defined as KPIs and used to actively manage and report on the Process, IT
Service or Activity. KPIs should be selected to ensure that Efficiency, Effectiveness,
and Cost Effectiveness are all managed.
See Critical Success Factor.
It is important to remember that there are three types of metrics that an organization
will need to collect to support CSI activities as well as other process activities. The
types of metrics are:
Technology metrics — These metrics are often associated with component and
application based metrics such as performance, availability etc.
Process metrics — These metrics are captured in the form of CSFs, KPIs and
activity metrics for the Service Management processes. These metrics can help
determine the overall health of a process. Four key questions that KPIs can help
answer are around quality, performance, value and compliance of following the
process. CSI would use these metrics as input in identifying improvement
opportunities for each process.
Service metrics — These metrics are the results of the end-to-end service.
Component metrics are used to compute the Service metrics.
Service
Service
Design
Design
Service
Service
Strategy
Service
ITIL
Service
Transition
• Fundamental to Continual
Service Improvement is the
concept of measurement
• The 7 Step Improvement Process
is designed to provide this
measurement
Service
Service
Design
Design
Service
Service
Strategy
Service
ITIL
Service
Transition
Information
The 7 step improvement process is driven by the Strategy, Vision and Goals of the IT
organization and the business they serve. These need to be clearly identified and
understood in order to establish the correct decision-making framework, and to
ensure explicit agreement with the business.
Steps 1 and 2 are directly related to the strategic, tactical and operational goals that
have been defined for measuring Services and Service management processes as
well as the existing technology and capability to support measuring and CSI
activities.
Steps 1 and 2 are iterative during the rest of the activities. Depending on the goals
and objectives to support Service Improvement activities, an organization may have
to purchase and install new technology to support the gathering and processing of
the data and/or hire staff with the required skills sets.
Define processing
data requirements
Develop processing
data procedures
Be sure to also compare against the clearly defined objectives with measurable
targets that were set in the Service Design, Transition and Operations lifecycle
stages. Confirmation needs to be sought that these objectives and the milestones
were reached. If not, have improvement initiatives been implemented? If so, then the
CSI activities start again from the gathering data, processing data, and analyzing
data to identify if the desired improvement in Service quality has been achieved. At
the completion of each significant stage or milestone, a review should be conducted
to ensure the objectives have been met. It is possible here to use the Post
Implementation Review (PIR) from the change management process. The PIR will
include a review of supporting documentation and the general awareness amongst
staff of the refined processes or Service. A comparison is required of what has been
achieved against the original goals.
During the analysis activity, but after the results are compiled and analysis and
trending has occurred, it is recommended that internal meetings be held within IT to
review the results and collectively identify improvement opportunities. It is important
to have these internal meetings before you begin presenting and using the
information which is the next activity of Continual Service Improvement. The result is
that IT is a key player in determining how the results and any actions items are
presented to the business. This puts IT in a better position of formulating a plan of
presenting the results and any action items to the Business and to Senior IT
Management.
When analyzing data, it is important to seek answers to questions such as:
Are operations running according to plan? – this could be a project plan,
financial plan, availability, capacity or even IT Service Continuity Management
plan.
Are targets defined in SLAs or the Service Catalog being met?
Are there underlying structural problems that can be identified?
Are corrective actions required?
Are there any trends? – If so then what are the trends showing?
Are they positive trends or negative trends?
What is leading to/causing the trends?
Trends are an indicator that more analysis is needed to understand what is causing
it. When a trend goes up or down it is a signal that further investigation is needed to
determine if it is positive or negative.
Throughout CSI, assessment should identify whether targets were achieved and, if so,
whether new targets (and therefore new KPIs) need to be defined. If targets were
achieved but the perception has not improved, then new targets may need to be set
and new measures put in place to ensure that these new targets are being met.
Often there is a gap between what IT reports and what is of interest to the business.
IT is famous for reporting availability in percentages such as 99.85% available. In
most cases this is not calculated from an end-to-end perspective but only Main Frame
availability or application availability and often doesn’t take into consideration
LAN/WAN, server or desktop downtime. In reality, most people in IT don’t know the
difference between 99.95% and 99.99% availability let alone the business. Yet
reports continue to show availability achievements in percentages. What the business
really wants to understand is the number of outages that occurred and the duration
of the outages with analysis describing the impact on the business processes, in
essence, unavailability expressed in a commonly understood measure – time.
Although most reports tend to concentrate on areas where things are not going as
well as hoped for, do not forget to report on the good news as well. A report
showing improvement trends is IT Services’ best marketing vehicle. It is vitally
important that reports show whether CSI has actually improved the overall Service
provision and if it has not, the actions taken to rectify the situation.
This section spelled out the 7 steps of CSI activities. All 7 seven steps need attention.
There is no reward for taking a short cut or not addressing each step in a sequential
nature. If any step is missed, there is a risk of not being efficient and effective in
meeting the goals of CSI.
IT Services must ensure that proper staffing and tools are identified and implemented
to support CSI activities. It is also important to understand the difference between
what should be measured and what can be measured. Start small – don’t expect to
measure everything at once. Understand the organizational capability to gather data
and process the data. Be sure to spend time analyzing data as this is where the real
value comes in. Without analysis of the data, there is no real opportunity to truly
improve Services or Service management processes. Think through the strategy and
plan for reporting and using the data. Reporting is partly a “marketing” activity. It is
important that IT focus on the value added to the organization as well as reporting
on issues and achievements. In order for steps 5 through 7 to be carried out
correctly, it is imperative that the target audience is considered when packaging the
information.
An organization can find improvement opportunities throughout the entire Service
Lifecycle. An IT organization does not need to wait until a Service or Service
management process is transitioned into the Operations area to begin identifying
improvement opportunities.
Service
Service
Design
Design
Service
Service
Strategy
Service
ITIL
Manager
Operation
Service
Transition
This role is essential for a successful improvement program. The CSI “owner” is
ultimately responsible for the success of all improvement activities. This single point of
accountability coupled with competence and authority virtually guarantees a
successful improvement program.
The most important of the CSI Manager’s responsibilities are shown on the slide. The
full list is below.
Key responsibilities
Responsible for development of the CSI domain
Responsible for communicating the vision of CSI across the IT organization
Ensures that CSI roles have been filled
Works with the Service Owner to identify and prioritize improvement
opportunities
Works with the Service Level Manager to ensure that monitoring requirements
are defined
Works with the Service Level Manager to identity Service Improvement Programs
Ensures that monitoring tools are in place to gather data
Defines and reports on CSI Critical Success Factors, Key Performance Indicators
and CSI activity metrics
Ensures that Knowledge Management is an integral part of the day to day
operations
Ensures that CSI activities are coordinated throughout the Service Lifecycle
Reviews analyzed data
Presents recommendations to Senior Management for improvement
Leads, manages and delivers cross-functional and cross-divisional improvement
projects
Builds effective relationships with the Business and IT Senior Managers
Identifies and delivers process improvements in critical business areas across
Manufacturing and relevant Divisions
Sets direction and provides framework through which improvement objectives
can be delivered
Coaches, mentors and supports fellow Service Improvement professionals
Possesses the ability to positively influence all levels of management to ensure
that Service Improvement activities are receiving the necessary support and are
resourced sufficiently to implement solutions
Service
Service
Design
Design
Service
Service
Strategy
Service
ITIL
Service
Transition
Key responsibilities
Provide leadership on the development of business case and product line
strategy and architecture, new service deployment and lifecycle management
schedules
Perform Service Cost Management activities in close partnership with other
organizations such as Operations, Engineering, and Finance. Many of these
organizations are held to strict internal supplier agreements
Manage various and sometimes conflicting objectives in order to achieve the
organization’s goals and financial commitments
Instill a market focus
Create an imaginative organization which encourages high performance and
innovative contributions from its members within a rapidly changing environment
Service Managers are able to effectively communicate product/service line strategies
to corporate business leaders, and develop partnerships with other organizations
within the company with both similar and dissimilar objectives and also with
suppliers in order to satisfy internal and external customer needs. This is most often
achieved via formalized agreement for both internal and external suppliers.
They must be able to formulate development programs in response to new market
opportunities, assess the impact of new technologies, and guide creation of
innovative solutions in order to bring best-in-breed solutions to our internal and
external customers. They market the development and implementation of
products/services that incorporate new technologies or system development. This
requires extensive cross-organization communications. They also are able to identify,
develop, and implement financial improvement opportunities in order to meet the
firm’s commitments.
Service Transition
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Service Transition
Service
Transition
• Concepts
– V Model
– Configuration Item
– Configuration Management System
– Knowledge Management
– Data Information Knowledge Wisdom
– Service Knowledge Management System
– Definitive Media Library
• Processes
– Change Management
– Service Asset and Configuration Management
– Release and Deployment Management
Service
Service
Strategy
ITIL
4a 4b
Develop Component
Service And Assembly
Level 5
Solution Test
Service
KEY Levels of 5a Component 5b
configuration and Build &
testing Test Deliveries from
internal and
BL Baseline Point Internal &
external suppliers
external suppliers
Using a model such as the V-Model builds in service validation and testing early in
the service life cycle. It provides a framework to organize the levels of configuration
items to be managed through the life cycle and the associated validation and testing
activities both within and across stages.
The level of test is derived from the way a system is designed and built up. This is
known as a "V" model, which maps the types of test to each stage of development.
The V-model provides one example of how the service transition levels of testing can
be matched to corresponding stages of service requirements and design.
The left-hand side represents the specification of the service requirements down to the
detailed service design. The right-hand side focuses on the validation activities that
are performed against the specifications defined on the left-hand side. At each stage
on the left hand side, there is direct involvement by the equivalent party on the right
hand side. It shows that service validation and acceptance test planning should start
with the definition of the service requirements. For example, customers who sign off
the agreed service requirements will also sign off the service acceptance criteria and
test plan.
Service
Service
Strategy
ITIL
A configuration item is an asset, service component or other item which is, or will be,
under the control of configuration management. Configuration items may vary widely
in complexity, size and type, ranging from an entire service or system including all
hardware, software, documentation and support staff to a single software module or
a minor hardware component. Configuration items may be grouped and managed
together, for example, a set of components may be grouped into a release.
Configuration Items should be selected using established selection criteria, grouped,
classified and identified in such a way that they are manageable and traceable
throughout the Service Life Cycle.
Service
Service
Strategy
ITIL
The Configuration Management System holds all the information for CIs within the
designated scope. Some of these items will have related specifications or files that
contain the contents of the item, for example, software, document, photograph. For
example, a Service CI will include the details such as supplier, cost, purchase date
and renewal date for licenses and maintenance contracts and the related
documentation such as SLAs and underpinning contracts.
The CMS is also used a for wide range of purposes, for example asset data held in a
CMS (CMDB data) may be made available to external financial Asset Management
systems to perform specific asset management process reporting outside of
Configuration Management. The CMS maintains the relationships between all service
components and any related Incidents, Problems, Known Errors, Change and Release
documentation and may also contain corporate data about employees, suppliers,
locations and business units, customers and users.
Many organizations are already using some elements of Service Asset and
Configuration Management, often maintaining records in documents, spreadsheets
or local databases and some of these may be used in the overall CMS. Automated
processes to load and update the Configuration Management database should be
developed where possible so as to reduce errors and optimize costs. Discovery tools,
inventory and audit tools, enterprise systems and network management tools can be
interfaced to the CMS. These tools can be used initially to populate a CMDB, and
subsequently to compare the actual ‘live’ configuration with the information and
records stored in the CMS.
Service
Service
Strategy
ITIL
Service
Service
Strategy
ITIL
(DIKW)
Service
Transition
Wisdom
Knowledge
Information
Data
Context
Wisdom
Why?
Knowledge
How?
Information
Who, what,
when, where?
Data
Understanding
© Crown Copyright 2007. Reproduced under licence from OGC.
The flow from data to wisdom
Service
Service
Strategy
ITIL
(SKMS)
Service
Transition
Note
DML is described in the next slide.
Service
Service
Strategy
ITIL
The Definitive Media Library (DML) is the secure library in which the definitive
authorized versions of all media CIs are stored and protected. It stores master copies
of versions that have passed quality assurance checks. This library may in reality
consist of one or more software libraries or file-storage areas, separate from
development, test or live file-store areas. It contains the master copies of all controlled
software in an organization. The DML should include definitive copies of purchased
software (along with license documents or information), as well as software
developed on site. Master copies of controlled documentation for a system are also
stored in the DML in electronic form.
The DML will also include a physical store to hold master copies, for example, a
fireproof safe. Only authorized media should be accepted into the DML, strictly
controlled by Service Asset and Configuration Management. The DML is a
foundation for Release and Deployment Management. The exact configuration of the
DML is defined during the planning activities. The definition includes:
Medium, physical location, hardware and software to be used, if kept online -
some Configuration Management support tools incorporate software libraries,
which can be regarded as a logical part of a DML
Naming conventions for filestore areas and physical media
CMDB
Electronic
CIs
Release
Record
Service
Service
Strategy
ITIL
The seven Service Transition processes are listed on the slide. Only three are
required to be discussed in detail: Change Management, Service Asset and
Configuration Management (SACM), and Release and Deployment Management.
Change Management
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Change Management
Service
Transition
Service
Service
Strategy
ITIL
There is a big difference between V2 and V3. In Version 2, we used to say minimize
risk but in ITIL V3 we consider the cost to the business and the value to the business
of risk treatments and we optimize these to achieve the best business outcome for the
money.
The goals of Change Management are to:
Respond to the customer’s changing business requirements whilst maximizing
value and reducing incidents, disruption and re-work
Respond to the business and IT requests for change that will align the services
with the business needs
The objective of the Change Management process is to ensure that changes are
recorded and then evaluated, authorized, prioritized, planned, tested, implemented,
documented and reviewed in a controlled manner.
The purpose of the Change Management process is to ensure that:
Standardized methods and procedures are used for efficient and prompt
handling of all Changes
All changes to service assets and configuration items are recorded in the
configuration management system
Overall business risk is optimized
Change — Scope
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Change — Scope
Service
Transition
Change can be defined in many ways. The definition of a Service Change is:
"The addition, modification or removal of authorized, planned or supported service
or service component and its associated documentation.”
The scope of Change Management covers changes to baselined service assets and
configuration items across the whole Service Life Cycle. Each organization should
define the changes that lie outside the scope of their service change process.
Typically these might include:
Changes with significantly wider impacts than service changes, for example,
departmental organization, policies, business operations — these changes
would produce RFCs to generate consequential service changes
Changes at an operational level such as repair to printers or other routine
service components
Service
change
The figure above shows a typical scope for the service change management process
for an IT department and how it interfaces with the business and suppliers at
strategic, tactical and operational levels. It covers interfaces to internal and external
service providers where there are shared assets and configuration items that need to
be under change management. Service Change management must interface with
Business change management (to the left in the figure), and with the supplier’s
change management (to the right in the figure). This may be an external supplier
with a formal change management system, or with the project change mechanisms
within an internal development project.
The Service Portfolio provides a clear definition of all current, planned and retired
services. Understanding the service portfolio helps all parties involved in the service
transition to understand the potential impact of the new or changed service on
current services and other new or changed services.
Strategic changes are brought in via Service Strategy and the business relationship
management processes. Changes to a Service will be brought in via Service Design,
Continual Service Improvement and the Service Level Management process.
Corrective change, resolving errors detected in services, will be initiated from Service
Operations, and may route via support or external suppliers into a formal RFC.
Exclusions
The scope of a Service Change does not include strategic planning for business
transformation or organizational change although the interfaces to these processes
do need to be managed.
Service
Service
Strategy
ITIL
Reliability and business continuity are essential for the success and survival of any
organization. Service and infrastructure Changes can have a negative impact on the
business through service disruption and delay in identifying business requirements,
but Change management enables the service provider to add value to the business
by:
Prioritizing and responding to business and customer change proposals
Implementing changes that meet the customers’ agreed service requirements
while optimizing costs
Note
We are not trying to minimize costs like in ITIL V2. In V3 we may choose a
solution with higher a cost for a better outcome
Service
Service
Strategy
ITIL
• Change types
– Normal changes
• Types are specific to the organization
• Type determines what assessment is required
– Standard changes
• Pre-authorized with an established procedure
– Emergency changes
• Business criticality means there is insufficient time for normal
handling
• Should use normal process but speeded up
Standard Changes
A standard Change is a change to a service or infrastructure for which the approach
is pre-authorized by change management that has an accepted and established
procedure to provide a specific change requirement. Examples might include an
upgrade of a PC in order to make use of specific standard and pre-budgeted
software, new starters within an organization, desktop move for single user. Other
examples include low impact, routine application change to handle seasonal
variation.
Approval of each occurrence of a standard change will be granted by the delegated
authority for that standard change, for example, by the budget holding customer for
installation of software from an approved list on a PC registered to their
organizational unit or by the third party engineer for replacement of a faulty desktop
printer.
The crucial elements of a standard Change are that:
There is a defined trigger to initiate the RFC
The tasks are well-known, documented and proven
Authority is effectively given in advance
Budgetary approval will typically be preordained or within the control of the
Change requester
Usually low risk, and always well understood risk
Once the approach to manage standard changes has been agreed, standard
Change processes and associated change workflows should be developed and
communicated. A change model would normally be associated with each standard
change to ensure consistency of approach. Standard Changes should be identified
early on when building the Change management process to promote efficiency.
All changes, including standard changes will have details of the change recorded.
For some standard changes this may be different in nature from normal change
records. Some standard changes to configuration items may be tracked on the asset
or configuration item life cycle, particularly where there is a comprehensive CMS that
provides reports of changes, their current status, the related configuration items and
the status of the related CI versions. In these cases the change and configuration
management reporting is integrated and change management can have ‘oversight’
of all changes to service CIs and release CIs.
Some standard changes will be triggered by the request fulfillment process and be
directly recorded and passed for action by the service desk.
Emergency Changes
Emergency Changes are sometimes required and should be designed carefully and
tested before use or the impact of the emergency change may be greater than the
original incident. Emergency changes may document some details retrospectively.
The number of emergency Changes proposed should be kept to an absolute
minimum, because they are generally more disruptive and prone to failure. All
Changes likely to be required should, in general, be foreseen and planned, bearing
in mind the availability of resources to build and test the Changes. Nevertheless,
occasions will occur when emergency Changes are essential and so procedures
should be devised to deal with them quickly, without sacrificing normal management
controls.
Emergency change is reserved for changes intended to repair an error in an IT
service that is negatively impacting the business to a high degree. Changes intended
to introduce immediately required business improvements are handled as normal
changes, assessed as having the highest urgency.
Defined authorization levels will exist for an emergency change, and the levels of
delegated authority must be clearly documented and understood. In an emergency
situation it may not be possible to convene a full Change Advisory Board (CAB)
meeting. Where CAB approval is required, this will be provided by the Emergency
CAB (ECAB). Not all emergency changes will require the ECAB involvement, many
may be predictable both in occurrence and resolution and well understood changes
available, with authority delegated, for example, to Operations teams who will
action, document and report on the emergency change.
Service
Service
Strategy
ITIL
Change — Activities
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Change — Activities
Service
Transition
Change
Review the RFC
Management Ready for evaluation
Assess and evaluate
change
Work orders
Ready for decision
Authorize change Authorize
proposal Change change
Authority Authorized
Plan updates
Change
Management Scheduled Work orders
Co-ordinate change
implementation*
Change
Management Implemented
7 Rs of Change Management
Service
Service
Design
Design
Service
Service
Strategy
ITIL
7 Rs of Change Management
Service
Transition
The 7 Rs are important questions to be asked when evaluating the change, during
the “Assess and Evaluate Change” activity. These generic questions provide a good
starting point from which to consider the potential impact on the services of failed
changes, and their impact on service assets and configurations.
Change — Roles (1 of 2)
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Change — Roles (1 of 2)
Service
Transition
• Change Manager
– Process owner
– Ensures that process is followed
– Usually authorizes minor changes
– Coordinates and runs CAB meetings
– Produces change schedule
– Coordinates change/built/test/implementation
– Reviews/Closes Changes
The main duties of the Change Manager, some of which may be delegated, are
listed below:
Receive, log and allocate a priority, in collaboration with the initiator, to all
RFCs. Reject any RFCs that are totally impractical
Table all RFCs for a CAB meeting, issue an agenda and circulate all RFCs to
CAB members in advance of meetings to allow prior consideration
Decide which people will come to which meetings, who gets specific RFCs
depending on the nature of the RFC, what is to be changed, and people’s areas
of expertise
Convene urgent CAB or ECAB meetings for all urgent RFCs
Chair all CAB and ECAB meetings
After consideration of the advice given by the CAB or ECAB, authorize
acceptable Changes
Issue Change Schedules, via the Service Desk
Liaise with all necessary parties to coordinate Change building, testing and
implementation, in accordance with schedules
Update the Change log with all progress that occurs, including any actions to
correct problems and/or to take opportunities to improve service quality
Review all implemented Changes to ensure that they have met their objectives.
Refer back any that have been backed out or have failed
Review all outstanding RFCs awaiting consideration or awaiting action
Analyze Change records to determine any trends or apparent problems that
occur. Seek rectification with relevant parties
Close RFCs
Produce regular and accurate management reports
Change — Roles (2 of 2)
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Change — Roles (2 of 2)
Service
Transition
The Change Advisory Board (CAB) is a body that exists to support the authorization
of changes and to assist Change Management in the assessment and prioritization of
changes. As and when a CAB is convened, members should be chosen who are
capable of ensuring that all Changes within the scope of the CAB are adequately
assessed from both a business and a technical viewpoint.
The CAB may be asked to consider and recommend the adoption or rejection of
changes appropriate for higher level authorization and then recommendations will
be submitted to the appropriate change authority. To achieve this, the CAB needs to
include people with a clear understanding across the whole range of stakeholder
needs. The Change Manager will normally chair the CAB and, potential members
include:
Customer(s)
User manager(s)
User group representative(s)
Applications developers/maintainers
Specialists/technical consultants
Services and operations staff, for example, Service Desk, Test management,
ITSCM, Security, Capacity
Change — Interfaces
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Change — Interfaces
Service
Transition
• Inputs
• Outputs
• Interfaces with other processes
Change — Inputs
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Change — Inputs
Service
Transition
Changes may be submitted as a Request for Change (RFC), often with an associated
change proposal that provides the detail of how the change will happen, for
example, approach to implementing a legislative change. The change proposal will
be based on a change model and will provide more detail about the specific change
proposed. The inputs include those listed on the slide.
Examples of Service Management Plans include the plans for doing change,
transition, release, deployment, test, evaluation and remediation.
The Change Schedule is a document that lists all approved Changes and their
planned implementation dates.
The Projected Service Outage is a document that identifies the effect of planned
Changes, maintenance activities and test plans on agreed Service Levels.
All these inputs are considered when assessing a change through the Change
Management process.
Change — Outputs
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Change — Outputs
Service
Transition
Service
Service
Strategy
ITIL
The service management processes may require change and improvements. Many
will also be involved in the impact assessment and implementation of service
changes. For example:
Change Management
Configuration Management
Capture
release and Check
Reports & Identify Update Audit
environment records
audits affected items records items
baselines updated
Security Management
Security management interfaces with change management since changes required
by security will go via change management process and security will be a key
contributor to CAB discussion on many services. Every significant change will be
assessed for its potential impact on the security plan.
Service
Service
Strategy
ITIL
• Compliance
– Reduction in unauthorized changes
– Reduction in emergency changes
• Effectiveness
– Percentage of changes which met requirements
– Reduction in disruptions, defects and re-work
– Reduction in changes failed/backed out
– Number of incidents attributable to changes
• Efficiency
– Benefits (value compared to cost)
– Average time to implement (by urgency/priority/type)
– Percentage accuracy in change estimates
Change Management must ensure that measures that have specific meaning. While
it is relatively easy to count the number of Incidents that eventually generate
Changes, it is infinitely more valuable to look at the underlying cause of such
Changes, and to identify trends. Better still to be able to measure the impact of
Changes and to demonstrate reduced disruption over time because of the
introduction of Change Management, and also to measure the speed and
effectiveness with which the IT infrastructure responds to identified business needs.
Measures taken should be linked to business goals wherever practical – and to cost,
service availability, and reliability. Any predictions should be compared with actual
measurements.
The Key Performance Indicators for Change Management are:
The number of changes implemented to services which met the customers agreed
requirements, for example, quality/cost/time (expressed as a percentage of all
changes)
The benefits of change expressed as ‘value of improvements made’ + ‘negative
impacts prevented or terminated’ compared to the costs of the change process
Reduction in the number of disruptions to services, defects and re-work caused
by inaccurate specification, poor or incomplete impact assessment
Change — Challenges
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Change — Challenges
Service
Transition
Service
Service
Strategy
ITIL
(SACM)
Service
Transition
• Objectives
• Basic concepts
• Roles
SACM — Objectives
Service
Service
Design
Design
Service
Service
Strategy
ITIL
SACM — Objectives
Service
Transition
Service
Service
Strategy
ITIL
• Configuration Items
• Logical Model
Service
Service
Strategy
ITIL
There will be a variety of CIs; the following categories may help to identify them.
Service Life Cycle CIs such as the Business case, Service Management plans,
Service Life Cycle plans, Service Design Package, Release and Change plans,
Test plans. They provide a picture of the service provider’s services, how these
services will be delivered, what benefits are expected, at what cost, and when
they will be realized.
Service CIs such as:
• Service capability assets: management, organization, processes,
knowledge, people
• Service resource assets: financial capital, systems, applications, information,
data, infrastructure and facilities, financial capital, people
• Service Model
• Service Package
• Release Package
• Service Acceptance Criteria
Service
Service
Strategy
ITIL
E-Banking E-Sales
User User
Experience Application Application
Experience
Business Business
Availability SLA SLA Availability
Logic Logic
Application Application
Infrastructure Infrastructure
Data Center
Network
Messaging Data services Web services Web services Data services Messaging
Network Name
Topology Service
Authentication
‘Danish Clock’
There is a traditional Danish proverb that runs ‘When you have a clock in your
house, you know the time – once you get two clocks you are no longer certain’.
SACM delivers that one clock for all processes and so glues them together, delivers
consistency and helps achieve common purpose.
SACM — Roles
Service
Service
Design
Design
Service
Service
Strategy
ITIL
SACM — Roles
Service
Transition
Role specifications for the Change, Service Asset and Configuration Management
team need to be developed. Typical roles include:
Service Asset Manager
Configuration Manager
Configuration Analyst
Administrator/Librarian
CMS/Tools administrator
Assign the Configuration Manager and other key roles as early as possible, because
assigned individuals can then be involved in the implementation. For some
operational activities Configuration Management will require staff who will adopt a
diligent approach and pay due attention to detail.
The key roles of Service Asset Manager and Configuration Manager have the
following responsibilities:
Works to the overall objectives agreed with the IT Services Manager; implements
the organization’s Service Asset Management/Configuration Management
policy and standards
Evaluates existing Asset Management/Configuration Management systems and
the design, implementation and management of new/improved systems for
efficiency and effectiveness – including estimating and planning the work and
resources involved, and monitoring and reporting on progress against plan
Agrees scope of the Asset Management/Configuration Management processes,
function, the items that are to be controlled, and the information that is to be
recorded. Develops Asset Management/Configuration Management standards,
plans and procedures
Mounts an awareness campaign to win support for new Asset
Management/Configuration Management procedures. Ensures that changes to
the Asset Management/Configuration Management methods and processes are
properly approved and communicated to staff before being implemented. Plans,
publicizes and oversees implementation of new Asset
Management/Configuration Management systems
Arranges recruitment and training of staff
Manages the evaluation of proprietary Asset Management/Configuration
Management tools and recommends those that best meet the organization’s
budget, resource, timescale and technical requirements
Manages the Asset Management/Configuration Management plan, principles
and processes and their implementation
Agrees assets/CIs to be uniquely identified with naming conventions. Ensures
that staff comply with identification standards for object types, environments,
processes, lifecycles, documentation, versions, formats, baselines, Releases and
templates
Proposes and/or agrees interfaces with Change Management, Problem
Management, Network Management, Release Management, computer
operations, logistics, finance and administration functions
Plans population of the Asset DB/CMS. Manages the Asset DB/CMS, central
libraries and tools. Ensures regular housekeeping of the Asset DB/CMS
Service
Service
Strategy
ITIL
• Objectives
• Basic concepts
• Roles
Service
Service
Strategy
ITIL
A Service Package is a set of things to be released together. It can range in size from
a single release unit that is a small part of one application to a complete IT Service
including hardware, software, processes, documentation, user training, IT Staff
training, service level agreements, supplier contracts and more.
The goal of release and deployment management is to deploy Releases into
production and enable effective use of the service in order to deliver value to the
customer.
The objective of release and deployment management is to ensure that:
There are clear and comprehensive release and deployment plans that enable
the customer and business change projects to align their activities with these
plans
A release package can be built, installed, tested and deployed efficiently to a
deployment group or target environment successfully and on schedule
A new or changed service and its enabling systems, technology and
organization are capable of delivering the agreed service requirements i.e.
utilities, warranties and service levels
There is knowledge transfer to enable the customers and users to optimize their
use of the service to support their business activities
Skills and knowledge are transferred to operations and support staff to enable
them to effectively and efficiently deliver, support and maintain the service
according to required warranties and service levels
There is minimal unpredicted impact on the production services, operations and
support organization
Customers, users and service management staff are satisfied with the service
transition practices and outputs, for example, user documentation and training
The purpose of release and deployment management is to:
Define and agree release and deployment plans with customers and
stakeholders
Ensure that each release package consists of a set of related assets and service
components that are compatible with each other
Ensure that integrity of a release package and its constituent components is
maintained throughout the transition activities and recorded accurately in the
CMS
Ensure that all release and deployment packages can be tracked, installed,
tested, verified, and/or uninstalled or backed out if appropriate
Record and manage deviations, risks, issues related to the new or changed
service and take necessary corrective action
Service
Service
Strategy
ITIL
Basic concepts (1 of 3)
Service
Transition
• Release Unit
– CIs that are normally released together
– Typically includes sufficient components to perform a useful
function. For example
• Fully configured desktop PC, payroll application
– Considerations include
• Ease and amount of change needed to deploy
• Resources needed to build, test and deploy
• Complexity of interfaces
IT Service A
A1 A2 A3
A2.1.1
The general aim is to decide the most appropriate Release-unit level for each service
asset or component. An organization may, for example, decide that the Release unit
for business critical applications is the complete application in order to ensure that
testing is comprehensive. The same organization may decide that a more
appropriate Release unit for a web site is at the page level.
The following factors should be taken into account when deciding the appropriate
level for Release units:
The ease and amount of Change necessary to release and deploy a Release
unit
The amount of resources and time needed to build, test, distribute and
implement a Release unit
The complexity of interfaces between the proposed unit and the rest of the
services and IT infrastructure
The storage available in the build, test, distribution and live environments
Releases should be uniquely identified according to a scheme defined in the Release
policy. The Release identification should include a reference to the CIs that it
represents and a version number that will often have 2 or 3 parts, for example,
emergency fix Releases: Payroll_System v.1.1.1, v.1.1.2, v.1.1.3.
Service
Service
Strategy
ITIL
Basic concepts (2 of 3)
Service
Transition
Service design will define the approach to transitioning from the current service to the
new or changed service or service offering. The Service Design Package (SDP)
defines the service and solution design components to be transitioned to deliver the
required Service Package(s) and Service Level Package(s). Common options for
release and deployment that are considered in service design are discussed below.
The selected option will can have a significant impact on the release and deployment
resources as well as the business outcomes. It is important to understand the Patterns
of Business Activity, (PBA) and User profiles when planning and designing the
releases.
In order to deploy via ‘push’ approach, the data on all user locations must be
available. Pull approaches do not rest so heavily on accurate configuration data and
they can trigger an update to user records. This may be through new users
appearing and requesting downloads or expected users not doing so triggering
investigation into their continued existence. As some users will never ‘Pull’ a Release
it may be appropriate to allow a “Pull” within a specified time limit and if this is
exceeded a Push will be forced, for example, for an anti-virus update.
Release Package
Release
Current Baseline (as-is) Package Target Baseline (to-be)
Business/Organization Business/Organization
Architecture BARO1 Architecture
Supported by Supported by
The figure above provides an example of how the architectural elements of a service
may be changed from the current baseline to the new baseline with releases at each
level. The architecture will be different in some organizations but is provided in this
section to give a context for release and deployment activities. The release and
deployment teams need to understand the relevant architecture in order to be able to
plan, package, build and test a release to support the new or changed service. This
helps to prioritize the release and deployment activities and manage dependencies,
for example, the technology infrastructure needs to be ready with operations staff
ready to support it with new or changed procedures before an application is
installed.
The figure also shows how the service architectural elements depend on the service
portfolio that defines the service offerings and service packages. Dependent services
will need to be built and tested in service transition. For example an IT financial
service may be dependent on several internal support services and an external
service.
There are normally dependencies between particular versions of service components
required for the service to operate. For example a new version of an application may
require an upgrade to the operating system and one or other of these two Changes
could require a hardware change, for example, a faster processor or more memory.
In some cases, the release package may consist of a set of documentation and
procedures. These could be deployed via a manual update or through an automatic
publishing mechanism, for example, to the SKMS/web site.
A release package may be a single release unit or a structured set of release units
such as the one shown in the figure below
The example in the figure shows an Application with its user documentation and a
release unit for each technology platform. On the right there is the customer service
asset that is supported by two supporting services – SSA for the infrastructure service
and SSB for the application service. These release units will contain information
about the services, its utilities and warranties, release documentation. Often there will
be different ways of designing a Release Package and consideration needs to be
given to establishing the most appropriate method for the identifiable circumstances,
stakeholders and possibilities.
Where possible, Release packages should be designed so that some release units
can be removed if they cause issue in testing.
Service
Service
Strategy
ITIL
Basic concepts (3 of 3)
Service
Transition
The roles and responsibilities for each configuration item at each release level
The release promotion and configuration baseline model
Template release and deployment schedules
Supporting systems, tools and procedures for documenting and tracking all
release and deployment activities.
The handover activities and responsibilities for executing the handover for each
stage of release and deployment
Considerations in designing the release and deployment model include activities to:
Verify that a Release complies with the SDP, architecture and related standards
Ensure the approach to ensuring the integrity of hardware and software is
protected during installation, handling, packaging and delivery
Ensure the use of standard release and deployment procedures and tools
Automate the delivery, distribution, installation, build and configuration audit
procedures where appropriate to reduce costly manual steps
Manage and deploy/re-deploy/remove/retire software licenses
Package and build the Release Package so that it can be backed out or
remediated if required
Use configuration management procedures, the CMS and DML to manage and
control components during the build and deployment activities
Document the release and deployment steps
Document the deployment group or target environment that will receive the
release
Issue service notifications
Service
Service
Strategy
ITIL
Service
Service
Strategy
ITIL
• Deployment manager
– Final physical delivery of the service implementation
– Co-ordinates documentation and communications
• Including training and customer, service management and technical
release notes
– Plans deployment with Change, SKMS and SACM
– Technical and application guidance and support
• Including known errors and workarounds
– Feedback on effectiveness of the release
– Records metrics for deployment
• To ensure within agreed SLAs
Service Design
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Service Design
Key concepts Processes
• Four Ps • Service Level Management
• Service Design Package • Service Catalog Management
• Aspects of Service Design • Availability Management
• Information Security Management
• Supplier Management
• Capacity Management
• IT Service Continuity Management
Service
Service
Strategy
ITIL
People
Products Processes
Partners
There are five individual aspects of Service Design considered within the Service
Delivery scope:
The design of new or changed services
The design of the Service Portfolio, including the Service Catalog
The design of the technology architecture and management systems
The design of the processes required
The design of measurement methods and metrics
The Service Design stage of the lifecycle starts with a set of new or changed business
requirements and ends with the development of a service solution designed to meet
the documented needs of the business.
This developed solution, together with its Service Design Pack (SDP, see next note), is
then passed to Service Transition to evaluate, build, test and deploy the new or
changed service and on completion of these transition activities, control is transferred
to the Service Operation stage of the service lifecycle.
The main aim of Service Design is the design of new or changed services. The
requirements for these new services are extracted from the Service Portfolio and each
requirement is analyzed, documented and agreed and a solution design is produced
which is then compared with the strategies and constraints from Service Strategy to
ensure that it conforms to corporate and IT policies.
Many designs, plans and projects fail through a lack of preparation and
management. The implementation of ITIL service management as a practice is about
preparing and planning the effective and efficient use of the four Ps: the People, the
Processes, the Products (services, technology and tools), and the Partners (suppliers,
manufacturers and vendors) as illustrated in the slide diagram.
People
Users, Customers, IT Staff and Managers all come under this heading.
Communication, training and clear definitions of roles and responsibilities for all
parties involved are essential if this valuable asset is to be utilized fully.
Processes
The Service Management processes are core of ITIL and they are distributed along
the Service Management Lifecycle.
Products
There are numerous tools available that are viewed as conforming to ITIL guidelines.
In other words, they have been developed to be consistent with IT Service
Management procedures. However, while tools significantly help in the
implementation and running of IT service provision they are by no means a solution
in their own right:
“In order to support the ITIL processes several different types of tools are required, the
one commonality in all of the tools is that they should be capable of providing a
service level view of the environment.”
“…IT has to be able to provide a reliable, high quality service for an acceptable fee.
This is not achieved through tools alone; any fool can implement a tool!”
From “A Fool with a Tool is Still a Fool” (Hewlett Packard White Paper – by Lindsay
Parker)
Partners
In most organizations there are many groups providing each part of the overall
service, with groups split across organizational boundaries and reporting lines.
Service management processes include the management of the services from all
contributors, irrespective of their function or reporting line. The third party supplier is
encouraged to find and implement improvements, be responsive to customer needs
and is discouraged from becoming complacent.
The Customer may not be aware that a part or all of the service they use is provided
by a third party because the service, when controlled by good service management
processes, is seamless.
Service
Service
Strategy
ITIL
A Service Design Package or SDP should be produced during the design stage, for
each new service, major change to a service or removal of a service or changes to
the “Service Design Package” itself.
This pack is then passed from Service Design to Service Transition and details all
aspects of the service and its requirements through all of the subsequent stages of its
lifecycle. The SDP should contain:
Service
Service
Strategy
ITIL
All design activities are triggered by changes in business needs and requirements. A
structured and holistic approach to the design activities should be adopted so that all
available information is considered to ensure consistency and integration is achieved
throughout the IT service provider organization within all design activities:
Requirements collection, analysis and engineering to ensure that business
requirements are clearly documented and agreed
Design of appropriate services, technology, processes, information and process
measurements to meet business requirements
Review and revision of all processes and documents involved in Service Design,
including designs, plans, architectures and policies
Liaison with all other design and planning activities and roles, for example,
solution design
Production and maintenance of IT policies and design documents, including
designs, plans, architectures and policies
Revision of all design documents and planning for the deployment and
implementation of IT strategies using “roadmaps”, programs and project plans
Risk assessment and management of all design processes and deliverables
Ensuring alignment with all corporate and IT strategies and policies
Service
Service
Strategy
ITIL
Service
Service
Strategy
ITIL
Service
Service
Strategy
ITIL
Basic concepts
• The Service Catalog
– Part of the Service Portfolio
– Details of all operational services and those being prepared for
transition
– Business Service Catalog
• Details of all of the IT services delivered to customers
• Visible to the customers
– Technical Service Catalog
• Details of all supporting services
• Not usually visible to customers
Over the years, organizations’ IT Infrastructures have grown and developed, and
there may not be a clear picture of all the services currently being provided and the
customers of each service. In order to establish an accurate picture, it is
recommended that an IT Service Portfolio containing a Service Catalog are produced
and maintained to provide a central accurate set of information on all services and to
develop a service focused culture.
The Service Portfolio is produced as part of Service Strategy and should include
participation by those involved in Service Design, Transition, Operation and
Improvement. Once a Service is ‘chartered’ (being developed for use by customers),
Service Design produces the specifications for the service and it is at this point the
Service should be added to the Service Catalog.
The Service Catalog should contain details of all operational services being provided
or those being prepared for transition to the live environment, a summary of their
characteristics and details of the customers and maintainers of each.
See the figure below for a visual representation of the Service Portfolio/Catalog:
Service
Service
Strategy
ITIL
Service
Service
Strategy
ITIL
Service
Service
Strategy
ITIL
The purpose of the SLM process is to ensure that all operational services and their
performance are measured in a consistent, professional manner throughout the IT
organization, and that the services and the reports produced meet the needs of the
business and customers.
Service Level Management process ensures that an agreed level of IT service is
provided for all current IT services, and that future services are delivered to agreed
achievable targets. Proactive measures are also taken to seek and implement
improvements to the level of service delivered.
The objectives of SLM are to:
Define, document, agree, monitor, measure, report and review the level of IT
services provided
Provide and improve the relationship and communication with the business and
customers
Ensure that specific and measurable targets are developed for all IT services
Monitor and improve customer satisfaction with the quality of service delivered
Ensure that IT and the customers have a clear and unambiguous expectation of
the level of service to be delivered
Ensure that proactive measures to improve the levels of service delivered are
implemented wherever it is cost-justifiable to do so
Service
Service
Strategy
ITIL
SLM should provide a point of regular contact and communication to the customers
and business managers of an organization. It should represent the IT service provider
to the business, and the business to the IT service provider.
This activity should encompass both the use of existing services and the potential
future requirements for new or changed services.
SLM needs to manage the expectation and perception of the business, customers and
users and ensure that the quality of service delivered by the service provider is
matched to those expectations and needs.
In order to do this effectively SLM should establish and maintain SLAs for all current
live services and manage the level of service provided to meet the targets and quality
measurements contained within the SLAs. SLM should also produce and agree SLRs
for all planned new or changed services.
This will enable SLM to ensure that all the services and components are designed
and delivered to meet their targets in terms of business needs.
Service
Service
Strategy
ITIL
SLM provides a consistent interface to the business for all service related issues. It
provides the business with the agreed service targets and the required management
information to ensure that those targets have been met.
Where targets are breached, SLM should provide feedback on the cause of the
breach and details of the actions taken to prevent the breach from recurring. Thus
SLM provides a reliable communication channel and a trusted relationship with the
appropriate customers and business representatives.
Service
Service
Strategy
ITIL
IT Infrastructure
Service
Service
Strategy
ITIL
Develop and document contacts and relationships with the business, customers
and stakeholders.
It is very important that SLM develops trust and respect with the business,
especially with the key business contacts. Using the Service Catalog, especially
the Business Service Catalog element of it, enables SLM to be much more
proactive.
Develop, maintain and operate procedures for logging, actioning and resolving
all complaints, and for logging and distributing compliments.
The SLM process should also include activities and procedures for the logging
and management of all complaints and compliments. The logging procedures
are often performed by the Service Desk as they are similar to those of Incident
Management and Request Fulfillment.
Service
Service
Strategy
ITIL
Key performance indicators (KPIs) and metrics can be used to judge the efficiency
and effectiveness of the SLM activities and the progress of the SIP. These metrics
should be developed from the service, customer and business perspective and should
cover both subjective and objective measurements such as the following:
Objective metrics
Number or percentage of service targets being met
Number and severity of service breaches
Number of services with up-to-date SLAs
Number of services with timely reports and active service reviews
Subjective metric
Improvements in Customer Satisfaction
Service
Service
Strategy
ITIL
The Service Level Manager has responsibility for ensuring that the aims of Service
Level Management are met, as the process owner. This includes responsibilities such
as:
Keeping aware of changing business needs, understanding what customers
need
Ensuring that the current and future service requirements of customers are
identified, understood and documented in SLA and SLR documents
Negotiating and agreeing levels of service to be delivered with the customer
(either internal or external). Formally documenting these levels of service SLAs
Negotiating and agreeing OLAs and in some cases other SLAs and agreements
that underpin the SLAs with the customers of the service
Assisting with the production and maintenance of an accurate Service Portfolio,
Service Catalog, Application portfolio and the corresponding maintenance
procedures
Ensuring that targets agreed within underpinning contracts are aligned with SLA
and SLR targets
Ensuring that service reports are produced for each customer service and that
breaches of SLA targets are highlighted, investigated and actions taken to
prevent their recurrence
Ensuring that service performance reviews are scheduled, carried out with
customers regularly and are documented with agreed actions progressed
Ensuring that improvement initiatives identified in service reviews are acted upon
and progress reports are provided to customers
Reviewing service scope, SLAs, OLAs and other agreements on a regular basis,
ideally at least annually
Ensuring that all Changes are assessed for their impact on service levels,
including SLAs, OLAs and Underpinning Contracts, including attendance at
CAB meetings if appropriate
Identification of all key stakeholders and customers
Developing relationships and communication with stakeholders, customers and
key users
Definition and agreement of complaints and their recording, management,
escalation where necessary and resolution
Definition recording and communication of all complaints
Service
Service
Strategy
ITIL
Service
Service
Strategy
ITIL
There are a number of sources of information that interfaces and are relevant to the
Service Level Management process. These should include:
Business information: from the organization’s business strategy, plans, and
financial plans and information on their current and future requirements
The strategies, policies and constraints from Service Strategy
The Service Portfolio and Service Catalog
Continuous Service Improvement — Service Improvement Program/Plan (SIP): An
overall program or plan of prioritized improvement actions, encompassing all
services and all processes, together with associated impacts and risks
Service Knowledge Management System: Containing information on the
relationships between the business services, the supporting services and the
technology
Advice, information and input from any of the other processes, for example,:
• Incident Management — Number/period of incidents, major incidents
• Capacity Management, Availability and IT Services Continuity
Management — understand risks, options and Business Impact Analysis
• Change Management — Information such as a Change Schedule and a
need to assess all changes for their impact on all services
Together with the existing SLAs, SLRs, and OLAs and past service reports on the
quality of service delivered.
Availability Management
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Availability Management
• Objectives
• Basic concepts
• Roles
Service
Service
Strategy
ITIL
The Availability Management process ensures that the level of service availability
delivered in all services is matched to or exceeds the current and future agreed needs
of the business, in a cost effective manner.
Availability Management provides a point of focus and management for all
availability related issues, relating to both services and resources, ensuring that
availability targets in all areas are measured and achieved.
The objectives of Availability Management are:
To produce and maintain an appropriate and up to date Availability Plan, which
reflects the current and future needs of the business
To provide advice and guidance to all other areas of the business and IT on all
availability related issues
To ensure that service availability achievements meet or exceed all of their
agreed targets, by managing services and resources related availability
performance
To assist with the diagnosis and resolution of availability related incidents and
problems
To asses the impact of all changes on the Availability Plan and the performance
and capacity of all services and resources
To ensure that proactive measures to improve the availability of services are
implemented wherever it is cost justifiable to do so
Service
Service
Strategy
ITIL
Basic concepts (1 of 6)
• Availability Management process includes
– Proactive activities
• Design and planning activities
• Planning, design and improvement of availability
– Reactive activities
• Operational activities
• Monitoring, measuring, analysis and management of all events,
incidents and problems involving unavailability
Reactive activities
Monitor, measure,
analyse report & review
service & component Availability
availability Management
Information System
(AMIS)
Investigate all service &
component unavailability &
investigate remedial action Availability
Management
reports
Availability
design criteria
Implement cost – Review all new &
justifiable counter changed services & test
measures all availability & resilience
mechanisms Availability
testing
schedule
Service
Service
Strategy
ITIL
Basic concepts (2 of 6)
• Availability
– The ability of a service, component or configuration item to
perform its agreed function when required
– Often measured and reported as a percentage
Note
Although downtime is included in the above calculation only when it occurs
within the Agreed Service Time (AST), total downtime should also be recorded
and reported.
The most important measurements are those that reflect availability from the business
and user perspective.
Reliability, Maintainability and Serviceability will be explained in the next slides and
notes.
Service
Service
Strategy
ITIL
Basic concepts (3 of 6)
• Reliability
– Measure of how long a service, component or CI can perform
its agreed function without interruption
• Maintainability
– Measure of how quickly and effectively a service, component or
CI can be restored to normal working after a failure
• Serviceability
– Ability of a third party supplier to meet the terms of their
contract
Reliability
A measure of how long a service, component or CI can perform its agreed function
without interruption. The reliability of the service can be improved by increasing the
reliability of individual components or by increasing the resilience of the service to
individual component failure (i.e. increasing the component redundancy, for
example, by using load balancing techniques).
Definition of resilience – the capability of a set of CIs to continue to provide a
required function when one or more CIs in the set have suffered a failure.
Reliability is often measured and reported as Mean Time Between Service Incidents
(MTBSI) or Mean Time Between Failures (MTBF):
Available time in hours
Reliability (MTBSI in hours ) = -------------------------------------------
Number of breaks
Maintainability
A measure of how quickly and effectively a service, component or CI can be restored
to normal working after a failure. It is measured and reported as Mean Time To
Restore Service (MTRS) and should be calculated using the following formula:
Total Downtime in hours
Maintainability (MTRS in hours) = -------------------------------------------------------
Number of service breaks
Serviceability
The ability of a third party supplier to meet the terms of their contract. Often this
contract will include agreed levels of availability, reliability and/or maintainability
for a supporting service or component.
Service
Service
Strategy
ITIL
Basic concepts (4 of 6)
Incident Incident Incident
start start start
Diagnose Recover
Time
Service
Service
Strategy
ITIL
Basic concepts (5 of 6)
• Vital Business Function (VBF)
– A Function of a Business Process which is critical to the success
of the Business.
• High Availability
– Minimizing or hiding the effects of a component failure
• Fault Tolerance
– Ability of an IT service, component or CI to operate correctly
after component failure
High Availability
A characteristic of the IT Service that minimizes or masks the effects of IT component
failure to the users of a service.
Fault Tolerance
The ability of an IT service, component or CI to continue to operate correctly after
failure of a component part.
Service
Service
Strategy
ITIL
Basic concepts (6 of 6)
• Continuous Operation
– Approach or design to eliminate planned downtime of a service
• Continuous Availability
– Approach or design to achieve 100% availability
– An IT service that has no planned or unplanned downtime
Continuous Operation
An approach or design to eliminate planned downtime of an IT service. Note
that individual components or CIs may be down even though the IT service
remains available.
Continuous Availability
An approach or design to achieve 100% availability
An IT service that has no planned or unplanned downtime
Service
Service
Strategy
ITIL
The Availability Manager is the process owner that has responsibility for ensuring
that the aims of Availability Management are met. This includes responsibilities such
as:
Ensuring that all new services are designed to deliver the levels of availability
required by the business
Ensuring that all existing services deliver the levels of availability agreed with the
business in SLAs
Creation and maintenance of an availability plan
Assessing changes for their impact on all aspects of availability including overall
service availability and the Availability Plan
To be responsible for the monitoring of IT components and actual IT Services
availability achieved against SLA, creating relevant reports
To proactively improve service availability wherever possible and to optimize the
availability of the IT infrastructure to deliver cost effective improvements that
deliver tangible benefits to the business
Assisting with the investigation and diagnosis of all incidents and problems
which cause availability issues or unavailability of services or components
Service
Service
Strategy
ITIL
Service
Service
Strategy
ITIL
The term “information” is used as a general term and includes data stores, databases
and metadata.
The objective of information security is to protect the interests of those relying on
information, and the systems and communications that deliver the information, from
harm resulting from failures of availability, confidentiality, and integrity.
For most organizations, the security objective is met when:
Information is available and usable when required, and the systems that provide
it can appropriately resist attacks and recover from or prevent failures
(availability)
Information is observed by or disclosed to only those who have a right to know
(confidentiality)
Information is complete, accurate and protected against unauthorized
modification (integrity)
Business transactions as well as information exchanges between enterprises, or
with partners can be trusted (authenticity and non-repudiation)
To achieve effective information security governance, management must establish
and maintain an Information Security Management System (ISMS) to guide the
development and management of a comprehensive information security program that
supports the business objectives.
Service
Service
Strategy
ITIL
Basic concepts
• Information Security Policy
• Information Security Management System (ISMS)
• Risk analysis and risk management
• Security controls
Threat
Prevention/ Evaluation/
Reduction Reporting
Incident
Direction/ Evaluation/
Repression Reporting
Damage
Correction/ Evaluation/
Recovery Reporting
Control
The set of security controls should be designed to support and enforce the ISP
and to minimize all recognized and identified threats. The controls would be
considerably more cost effective if included within the design of all services. This
will ensure the continued protection of all existing services and that new services
and access to them are in line with the ISP.
Security measures can be used in a specific stage in the prevention and
handling of security incidents, as illustrated in the above diagram. Security
incidents are not solely caused by technical threats – statistics show that, for
example, the large majority stem from human errors (intended or not) or
procedural errors, and often have implications in other fields such as safety,
legal or health.
Service
Service
Strategy
ITIL
The Security Manager has responsibility for ensuring that the aims of Information
Security Management are met. This includes such tasks and responsibilities as:
Developing and maintaining the Information Security Policy and a supporting set
of specific policies, ensuring appropriate authorization, commitment and
endorsement from senior IT and business management
Communication and publicizing of the Information Security Policy to all
appropriate parties
Ensuring that the Information Security Policy is enforced and adhered to
Identifying and classifying IT and information assets (Configuration Items) and
the level of control and protection required
Assisting with Business Impact Analyses
Performing security risk analysis and risk management in conjunction with
Availability and IT Service Continuity Management
Designing security controls and developing security plans
Developing and documenting procedures for operating and maintaining security
controls
Monitoring and managing all security breaches and handling security incidents,
taking remedial action to prevent recurrence wherever possible
Reporting, analysis and reduction of the impact and volumes of all security
incidents in conjunction with Problem Management
Promoting education and awareness of security
Maintaining a set of security controls and documentation and regularly
reviewing and auditing all security controls and procedures
Ensuring all changes are assessed for impact on all security aspects including
the Information Security Policy and security controls and attendance at CAB
meetings when appropriate
Performing security tests
Participating in any security reviews arising from security breaches and
instigating remedial actions
Ensuring that the confidentiality, integrity and availability of the services are
maintained at the levels agreed in the SLAs and conform to all relevant statutory
requirements
Ensure that all access to services by external partners and suppliers is subject to
contractual agreements and responsibilities
Act as a focal point for all security issues
Supplier Management
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Supplier Management
• Objectives
• Basic concepts
• Roles
The goal of the Supplier Management process is to manage suppliers and the
services they supply, to provide seamless quality of IT service to the business,
ensuring value for money is obtained.
Service
Service
Strategy
ITIL
The Supplier Management process ensures that suppliers and the services they
provide are managed to support IT service targets and business expectations.
The main objectives of the Supplier Management process are to:
Obtain value for money from suppliers and contracts
Ensure that underpinning contracts and agreements with suppliers are aligned to
business needs and support and align with agreed targets in SLRs and SLAs, in
conjunction with SLM
Manage relationships with suppliers
Manage supplier performance
Negotiate and agree contracts with suppliers and manage them through their
lifecycle
Maintain a supplier policy and a supporting Supplier and Contract Database
(SCD)
Service
Service
Strategy
ITIL
Establish new
Supplier categorization suppliers & contracts
& maintenance of the
SCD
The Supplier Management process attempts to ensure that suppliers meet the terms,
conditions and targets of their contracts and agreements, while trying to increase the
value for money obtained from suppliers and the services they provide.
All Supplier Management process activity should be driven by a supplier strategy
and policy from Service Strategy.
In order to achieve consistency and effectiveness in the implementation of the policy
a Supplier and Contract Database (SCD) should be established as illustrated in the
slide, together with clearly defined roles and responsibilities.
Ideally the SCD should form an integrated element of a comprehensive CMS or
SKMS, recording all supplier and contract details, together with details of the type of
service(s) or product(s) provided by each supplier, and with all other information and
relationships with other associated CIs.
The services provided by suppliers will also form a key part of the Service Portfolio
and the Service Catalog. The relationship between the supporting services and the IT
and business services they support are key to providing quality IT services.
This information within the SCD will provide a complete set of reference information
for all Supplier Management procedures and activities:
Supplier categorization and maintenance of the Supplier and Contracts
Database (SCD)
Evaluation and set up of new suppliers and contracts
Establish new suppliers
Supplier and Contract Management and performance
Contract renewal and termination
The first two elements within the above list are covered within the Service Design
stage.
The third element is part of Service Transition and the last two are part of the Service
Operation stage.
Service
Service
Strategy
ITIL
Capacity Management
Service
Service
Design
Design
Service
Service
Strategy
ITIL
Capacity Management
• Objectives
• Basic concepts
• Roles
Capacity Management is a process that extends across the Service Lifecycle. A key
success factor in managing capacity is ensuring it is considered during the Design
stage, and this is the reason that the Capacity Management Process is included in
the Design stage.
Capacity Management is supported initially in Service Strategy where the decisions
and analysis of business requirements, customer outcomes influences the
development of patterns of business activity (PBA), levels of service (LOS) and service
level packages (SLPs) are identified. This provides the predictive and ongoing
capacity indicators needed to align capacity to demand.
Service
Service
Strategy
ITIL
The Capacity Management process ensures that cost justifiable IT capacity always
exists in all areas of IT, and is matched to the current and future agreed needs of the
business, in a timely manner.
Capacity Management provides a point of focus and management for all capacity
and performance related issues, relating to both services and resources.
The objectives of Capacity Management are:
To produce and maintain an appropriate and up to date Capacity Plan, which
reflects the current and future needs of the business
To provide advice and guidance to all other areas of the business and IT on all
capacity and performance related issues
To ensure that service performance achievements meet or exceed all of their
agreed performance targets, by managing the performance and capacity of
both services and resources
To assist with the diagnosis and resolution of performance and capacity related
incidents and problems
To asses the impact of all changes on the Capacity Plan and the performance
and capacity of all services and resources
To ensure that proactive measures to improve the performance of services are
implemented wherever it is cost justifiable to do so
Service
Service
Strategy
ITIL
Capacity Management ensures that the capacity and performance of the IT services
and systems matches the evolving agreed demands of the business in the most cost-
effective and timely manner. Capacity Management is essentially a balancing act:
Balancing costs against resources needed: The need to ensure that processing
Capacity that is purchased is not only cost justifiable in terms of business need,
but also the need to make the most efficient use of those resources.
Balancing supply against demand: The need to ensure that the available supply
of IT processing power matches the demands made on it by the business, both
now and in the future; it may also be necessary to manage or influence the
demand for a particular resource.
Capacity Management processes and planning must be involved in all stages of the
service lifecycle from strategy and design through transition and operation to
improvement.
Service Portfolio
Business
requirement
Capacity &
Performance reports
SLA/SLR IT service
Improve current service
design
& component capacity
Capacity Management
Information System
Assess, agree & (CMIS)
Service
document new
Capacity Management
requirement & capacity
Component
Plan new capacity
Capacity Management Forecasts
Capacity Plan
Capacity
Management Tools
Service
Service
Strategy
ITIL
A Capacity Manager, as the process owner, has responsibility for ensuring that the
aims of Capacity Management are met. This includes such tasks as:
Capacity Management has overall responsibility for ensuring that there is
adequate IT Capacity to meet required levels of service and for ensuring that
senior IT management is correctly advised on how to match Capacity and
demand, and to ensure that use of existing Capacity is optimized
Forecasting future capacity requirements based on business plans, usage trends,
sizing of new services, etc.
Identifying with the Service Level Manager, capacity requirements through
discussions with the business users
Understanding the current usage of the infrastructure and IT services, and the
maximum capacity of each component
Production, regular review and revision of the Capacity Plan, in line with the
organization’s business planning cycle, identifying current usage and forecast
requirements during the period covered by the plan
Identifying and initiating any tuning to be carried out to optimize and improve
capacity or performance
Note
Both Service Level Manager and Technical and Application Management are
outlined elsewhere in the student notes.
Service
Service
Strategy
ITIL
ITSCM — Objectives
Service
Service
Design
Design
Service
Service
Strategy
ITIL
ITSCM — Objectives
• To maintain Service Continuity and IT Recovery plans that
support the Business Continuity plans
• To complete regular Business Impact Analysis exercises to
ensure that plans are current and relevant
• To conduct regular risk assessment and management
activities
• To provide advice and guidance on issues related to Service
Continuity
• To implement measures to meet or exceed Business Continuity
targets
• To check the impact of changes on existing plans
• To negotiate necessary contracts with suppliers
Service
Service
Strategy
ITIL
ITSCM is a cyclic process through the lifecycle to ensure that once service continuity
and recovery plans have been developed they are kept aligned with Business
Continuity Plans (BCPs) and business priorities. The diagram also shows the role
played within the ITSCM process of BCM.
Service
Service
Strategy
ITIL
Manual workarounds
It is possible for certain types of services that manual workarounds can be an
effective interim measure for a limited time frame of around 2 or 3 days until the IT
Service is resumed. For instance a Service Desk call logging service could survive for
a limited time using paper forms linked to a laptop computer with a spreadsheet.
Reciprocal arrangements
In the past reciprocal arrangements were typical contingency measures where
agreements were put in place with another organization using similar technology.
This is no longer effective or possible for most types of IT systems but can still be used
in special specific cases. Examples: setting up of an agreement to share high speed
printing facilities or off-site storage of backups and other critical information.
Immediate recovery
This option (also often referred to as ‘Hot Standby’, ‘mirroring’, ‘load balancing’ or
’split site’), provides for immediate restoration of services, with no loss of service. For
business critical services, organizations requiring continuous operation will provide
their own facilities within the organization but not on the same site as the normal
operations. Sufficient IT equipment will be “dual located” in either an owned or
hosted location to run the compete service from either location in the event of loss of
one facility, with no loss of service to the customer. The second site can then be
recovered whilst the service is provided from the single operable location.
This is an expensive option but may be justified for critical business processes or
VBFs where non-availability for a short period could result in a significant impact or
where it would not be appropriate to be running IT services on a third party’s
premises for security or other reasons. The facility needs to be located separately
and far enough away from the home site that it will not be affected by a disaster
affecting that location.
However, these mirrored servers and sites options, should be implemented in close
liaison with Availability Management as they support services with high levels of
availability.
ITSCM — Roles
Service
Service
Design
Design
Service
Service
Strategy
ITIL
ITSCM — Roles
• Service Continuity Manager
– Process Owner for ITSCM
– Responsible for producing, testing and maintaining service
continuity plans
– Part of overall Business Continuity Team
The Service Continuity Manager, as the ITSCM process owner, has responsibility for
ensuring that the aims of Service Continuity Management are met.
This includes such tasks and responsibilities as:
To implement and maintain the ITSCM process in accordance with the overall
requirements of the organization’s Business Continuity Management process
To represent the IT services function within the Business Continuity Management
process
To Perform Business Impact Analyses for all existing and all new services
Performing risk assessment and risk management to prevent disasters where cost
justifiable and where practical
Assessing potential service continuity issues and invoking the Service Continuity
Plan if necessary and managing the Service Continuity Plan while it is in
operation, including fail-over to a secondary location and restoration to the
primary location
Performing post mortem reviews of service continuity tests and invocations and
instigating corrective actions where required
Ensure that all IT service areas are prepared and able to respond to an
invocation of the continuity plans, while maintaining a comprehensive IT testing
schedule, including the testing of all continuity plans in line with business
requirements and after every major business change
Communicate and maintain awareness of ITSCM objectives within the business
areas supported and IT Service areas
Undertake regular reviews, at least annually, of the Continuity plans with the
business areas to ensure that they accurately reflect the business needs
Negotiate and manage contracts with providers of third party recovery services
Assessing changes for their impact on service continuity and Continuity Plans,
and attending CAB meetings when appropriate
Service Strategy
Service
Strategy
ITIL
Service Strategy
• Key concepts
– Utility and Warranty
– Value Creation
– Service Provider
– Delivery Model Options
– Service Model
• Processes
– Service Portfolio Management (SPM)
– Demand Management
– Financial Management
ITIL
From the customer’s perspective, value consists of two primary elements: Utility or
fitness for purpose and warranty or fitness for use.
Utility is derived from the attributes of the service that have a positive effect on the
performance of activities, objects, and tasks associated with desired outcomes.
Removal or relaxation of constraints on performance is also perceived as a positive
effect.
Warranty is derived from the positive effect being available when needed, in
sufficient capacity or magnitude, and dependably in terms of continuity and security.
Utility is what the customer gets, and warranty is how it is delivered.
Customers cannot benefit from something that is fit for purpose but not fit for use and
vice versa. It is useful to separate the logic of utility from the logic of warranty for the
purpose of design, development, and improvement. Considering all the separate
controllable inputs allows for a wider range of solutions to the problem of creating,
maintaining, and increasing value.
Value creation
Service
Strategy
ITIL
Value creation
Return on
assets
Service
Performance Utility
Performance of + average
customer assets
- Performance
variation
Warranty
There is skepticism about the value realized from services when there is uncertainty in
the service output. Costs are certain but utility may vary from one unit of output to
another. When the utility of a service is not backed up by warranty, customers worry
about possible losses due to poor service quality more than the possible gains from
receiving the promised utility. To allay such concerns and influence customer
perceptions of possible gains and losses, it is important that the value of a service is
fully described in terms of utility and warranty.
The utility effect of a service is explained as the increase in possible gains from the
performance of customer assets, leading to increase in the probability of achieving
outcomes.
Warranty of services is explained as the decrease in possible losses for the customer
from variation in performance. Customers feel more certain that every unit of demand
for service will be fulfilled with the same level of utility with little variation.
This approach can change customer perceptions of uncertainty in the promised
benefits of a service. Customers expect to see a strong link between the utilization of
a service and the positive effect on the performance of their own assets leading to
higher return on assets.
A mere graphic is however not sufficient to convince customers. They must be assured
of the actual mental mapping made by groups engaged in different parts of the
Service Lifecycle. Customers may also expect evidence that policies, procedures, and
guideline are in place to uncover all costs and risks associated with service delivery
and support. In the absence of such institutionalized practice, the promise of a
service can just as easily turn to peril during the course of carrying out the terms of
the contract or service agreement.
Service Provider
Service
Strategy
ITIL
Service Provider
An organization supplying services to one or more internal
customers or external customers
• Type 1
– Internal
– Embedded in the business unit it serves
• Type 2
– Shared
– Provide services to multiple business units
• Type 3
– External
– Provide services to many customers
The primary objectives of Type I providers are to achieve functional excellence and
cost effectiveness for their business units. They specialize to serve a relatively narrow
set of business needs. Services can be highly customized and resources are
dedicated to provide relatively high service levels. The governance and
administration of business functions are relatively straightforward. The decision rights
are restricted in terms of strategies and operating models. The general managers of
business units make all key decisions such as the portfolio of services to offer, the
investments in capabilities and resources, and the metrics for measuring performance
and outcomes.
Type I providers operate within internal market spaces. Their growth is limited by the
growth of the business unit they belong to. Each business unit (BU) may have its own
Type I provider. The success of Type I providers is not measured in terms of revenues
or profits because they tend to operate on a cost-recovery basis with internal funding.
All costs are borne by the owning business unit or enterprise.
Corporate
(Corporate Business
Function)
Competition for Type I providers is from providers outside the business unit such as
corporate business functions, who wield advantages such as scale, scope, and
autonomy. In general, service providers serving more than one customer face much
lower risk of market failure. With multiple sources of demand, peak demand from
one source can be offset by low demand from another. There is duplication and
waste when Type I providers are replicated within the enterprise.
To leverage economy of scale and economy, Type I providers of similar
characteristics and are consolidated into a corporate business function. At this level
of aggregation Type I providers balance enterprise needs with those at the business
unit level. The trade-offs can be complex and require a significant amount of
attention and control by senior executives. As such, consolidated Type I providers are
more appropriate where classes of assets such as IT, R&D, marketing, or
manufacturing are at the core of the organization’s competitive advantage and
therefore need careful control.
Corporate
(Corporate Business
Function)
Human Resources
Service
catalogue
Finance &
Administration
Service
catalogue Customer Care
Service
catalogue
Logistics
Service
catalogue Information
Technology
Service
catalogue
BU: Business Unit
SSU: Shared Services Unit
From a certain perspective, Type III providers are operating under an extended large
scale shared services model. They assume a greater level of risk from their customers
compared to Type I and Type II. But their capabilities and resources are shared by
their customers - some of whom may be rivals. This means that rival customers have
access to the same bundle of assets, thereby diminishing any competitive advantage
those assets bestowed.
Security is always an issue in shared services environments. But when the
environment is shared with competitors, security becomes a larger concern. This is a
driver of additional costs for Type III providers. As a counter-balance, Type III
providers mitigate a type of risk inherent to Type I and II: Business functions and
shared service units are subject to the same system of risks as their business unit or
enterprise parent. This sets up a vicious cycle whereby risks faced by the business
units or the enterprise are transferred to the service units and then fed back with
amplification through the services utilized. Customers may reduce systemic risks by
transferring them to external service providers who spread those risks across a larger
value network.
Corporate
(Corporate Business
Function)
Alpha Co.
Service
catalogue
Beta Inc.
Service
catalogue
Service
catalogue
Gamma Ltd.
Service
catalogue
Delta Plc.
Service
catalogue
ITIL
Insourcing Utilizing internal organizational resources for all stages in the lifecycle
Co-sourcing The combination of Insourcing and Outsourcing to co-source key elements within the
lifecycle
Partnership or Multi- Formal arrangement between 2 or more organizations to work together. Focus on
sourcing strategic partnerships to leverage expertise or market opportunities
Business Process Formal arrangement between two organizations to relocate and manage an entire
Outsourcing (BPO) business function (for example payroll, call-centre) from a low-cost location
Application Service Formal agreement with an Application Service Provider (ASP) to provide shared
Provision computer based services over a network (sometimes called ‘on-demand’
software/applications)
Knowledge Process Provision of domain based processes and business expertise requiring advanced
Outsourcing (KPO) analytical and specialist skills from the outsourcer
Service Model
Service
Strategy
ITIL
Service Model
• Graphical representation of
the components that make up
a service
• Documents workflow and
dependencies
• Used to support design,
analysis and communication
Service Models codify the service strategy for a market space. They are blueprints by
service management process and functions to communicate and collaborate on value
creation. Service Models describe how service assets interact with customer assets
and create value for a given portfolio of contracts (see diagram on the next page).
Interaction means demand connects with the capacity to serve. Service agreements
specify the terms and conditions under which such interaction occurs with
commitments and expectations on each side. The outcomes define the value to be
created for the customer which itself rests on the utility provided to customers and the
warranty.
Service Service
assets Models
Service Models codify the structure and dynamics of services. The structure and
dynamics are influenced by factors of utility and warranty to be delivered to
customers. The structure and dynamics have consequences for Service Operations
which are evaluated by Service Transition.
Structure is defined in terms of particular service assets needed and the patterns in
which they are configured. Service models also describe the dynamics of value-
creation. Activities, flow of resources, coordination, and interactions describe the
dynamics. This includes the cooperation and communication between service users
and service agents. The dynamics of a service include patterns of business activity,
demand patterns, exceptions and variations.
The methods and tools of systems engineering and workflow management are useful
for developing the process maps, workflow diagrams, queuing models, and activity
patterns necessary for completeness of service models. Service Transition evaluates
detailed service models to ensure they are fit for purpose and fit for use before
entering Service Operation through the Service Catalog. It is necessary for service
models to be under change control because the utility and warranty of a service can
have undesired variation if there are changes to the service assets or their
configuration. The integrity of a service model depends on the integrity of the
structure.
Service models are useful for effectiveness in Continual Service Improvement.
Improvements can be made to the structure or the dynamics of a model. Service
Transition evaluates the options or paths for improvements and recommends solutions
that are cost-effective and low-risk. Service models continually evolve, based on
external feedback received from customers and internal feedback from service
management processes. CSI processes ensure the feedback to the strategy, design,
transition, and operation processes.
Main activities
Main activities
• Define the market
– Evaluate the services you could potentially offer, and who you may be
able to offer them to!
• Develop the offerings
– Continue to formulate the services you think it will be worthwhile
pursuing
– Utility and Warranty are considered at this stage
• Develop strategic assets
– Look for opportunities to exploit your services and capabilities (to
allow more services to more customers)
– Develop Service Management so that it becomes a strategic asset
• Prepare for execution
– Take all the necessary steps to ensure that we are ready to go ahead
and it is worthwhile doing so
ITIL
ITIL
ITIL
Basic concepts
• Business Service
– A service that directly supports a business process
• IT Service
– A service that the business does not think of in business context
or semantics
• Business Service Management
– Considering service management in terms of business processes
and business value
Business
Process IT Application
Management Information
Management Information
Knowledge Infrastructure
Knowledge Infrastructure
Utility Utility
Warranty Warranty
ITIL
Business
Service
Management
IT Systems
Management IT Activity
Infrastructure
and Application
Technology Activity
Resources
Value to IT
© Crown Copyright 2007. Reproduced under licence from OGC.
The IT Management Continuum
ITIL
• Inventories
Define • Business Case
• Value proposition
Analyze • Prioritization
• Service Portfolio
Approve
• Authorization
• Communication
Charter • Resource allocation
If we think of SPM as a dynamic and ongoing process set, it should include the
following work methods:
Define: Inventory services, ensure business cases and validate portfolio data
Analyze: Maximize portfolio value, align and prioritize and balance supply and
demand
Approve: Finalize proposed portfolio, authorize services and resources
Charter: Communicate decisions, allocate resources and charter services
ITIL
Product Manager is a key role within Service Portfolio Management (See following
figure). The role is responsible for managing services as a product over their entire
lifecycle from concept to retirement through design, transition, and operation. They
are instrumental in the development of Service Strategy and its execution through the
Service Lifecycle in a high-performing portfolio of services. Product Managers bring
coordination and focus to the organization around the Service Catalog of which they
maintain ownership. They work closely with Business Relationship Managers (BRM)
who bring coordination and focus to the Customer Portfolio.
Business Relationship Managers (BRMs) are responsible for gaining insight into the
customer's business and having good knowledge of customer outcomes. This is
essential to developing a strong business relationship with customers. They are
'customer focused' and manage opportunities through a Customer Portfolio. In many
organizations BRMs are known as Account Managers, Business Representatives and
Sales Managers.
Director of
Service Management
Perspective
Financial
Compliance
Management
People Audit
Assets
Positions
Business Service
Relationship Organization Sourcing
Portfolio
Management Development Management
Management
Continual Service
Service Design Service Transition Service Operation
Improvement
Product Managers are recognized as the subject matter experts on Lines of Service
(LOS) and the Service Catalog. They understand Service Models and their internal
structure and dynamics to be able to effectively drive changes and improvements.
They have a consolidated view of costs and risks across LOS just as BRM maintain a
similar view across customers and contracts.
Lines of Sources of
service Service demand
Catalogue
Demand Management
Service
Strategy
ITIL
Demand Management
• Objectives
• Basic concepts
• Roles
ITIL
Business processes are the primary source of demand for services. Patterns of
business activity (PBA) influence the demand patterns seen by the service providers. It
is very important to study the customer’s business to identify, analyze, and codify
such patterns to provide sufficient basis for capacity management. Visualize the
customer’s business activity and plans in terms of the demand for supporting
services.
ITIL
Basic concepts (1 of 3)
• Core Service
– An IT Service that delivers outcomes desired by one or more
customers
• Supporting Service
– A service that enables or enhances a core service. For example
• A directory service or a backup service
Core services deliver the basic outcomes desired by the customer. They represent the
value that the customer wants and for which they are willing to pay. Core services
anchor the value-proposition for the customer and provide the basis for their
continued utilization and satisfaction. Supporting services either enable or enhance
the value-proposition. Enabling Services are Basic Factors and Enhancing Services
are Excitement Factors.
For example, the core service of a bank could be providing financial capital to small
and medium enterprises. Value is created for the bank’s customer only when the
bank can provide financial capital in a timely manner (after having evaluated all the
costs and risks of financing the borrower). The supporting services could include the
aid offered by loan officers in assessing working capital needs and collateral, the
application processing service, flexible disbursement of loan funds, and the facility of
a bank account into which the borrower can electronically transfer funds. The credit-
reporting service that the lending department utilizes for evaluating credit-reporting,
may be a core service provided to the loan officers by internal or external service
providers. It is not a supporting service to borrowers because they are not its users.
Supporting services for the loan officers could include a service desk that provides
technical support for the credit reporting service, e-mail, and voice-mail. These
services support the outcome of approving loans to credit-worthy customers in an
efficient and timely manner, compliant with all policies, procedures, and regulations.
ITIL
Basic concepts (2 of 3)
• Pattern of Business Activity (PBA)
– Workload profile of one or more business activities
– Varies over time
– Represents changing business demands
• User Profile
– Pattern of user demand for IT Services
– Each user profile includes one or more PBAs
Business activities drive demand for services. Customer assets such as People,
Processes, and Applications generate patterns of business activity (PBA). PBA define
dynamics of a business and include interactions with customers, suppliers, partners,
and other stakeholders. Services often directly support PBA. Since PBA generate
revenue, income, and costs they account for a large proportion of business outcomes.
Patterns of business activity (PBA) are identified, codified, and shared across process
for clarity and completeness of detail. One or more attributes such as frequency,
volume, location, and duration describe business activity. They are associated with
requirements such as security, privacy, and latency or tolerance for delays. This
profile of business activity can change over time with changes and improvements in
business processes, people, organization, applications, and infrastructure. PBA are
placed under change control.
Each PBA has to be substantially different from another PBA in order to be coded
with a unique reference. Codifying patterns helps multidimensional analysis using
criteria such as likeness and nearness. This provides efficiency and robustness in
developing a catalog of patterns with simplification and standardization to reduce
the number of patterns, make analysis easier, and avoid complicated solutions.
User profiles (UP) are based on roles and responsibilities within organizations for
People, and functions and operations for Processes and Applications. As suggested
earlier, business processes and applications are treated as users in many business
contexts. Many processes are not actively executed or control by staff or personnel.
Process automation allows for processes to consume services on their own. Processes
and applications can have user profiles. Whether they should is a matter of
judgment.
Each UP can be associated one or more PBA. This allows aggregations and relations
between diverse PBS connected by the interactions between their respective UPs.
User profiles (UP) are constructed using one ore more pre-defined PBA. They are also
under change control. UPs represent patterns that are persistent and correlated.
Pattern matching using PBA and UP ensure a systematic approach to understanding
and managing demand from customers. They also require customers to better
understand their own business activities and view them as consumers of services and
producers of demand. When they are used to communicate demand, service
providers have the information necessary to sort and serve the demand with
appropriately matched services, service levels, and service assets. This leads to
improved value for both customers and service providers by eliminating waste and
poor performance.
UP communicate information on the roles, responsibilities, interactions, schedules,
work environments, and social context of related users.
ITIL
Basic concepts (3 of 3)
• Service Package
– Detailed description of a service
– Includes a service level package and one or more core services
and supporting services.
• Service Level Package
– Defined level of utility and warranty for a particular service
package
– Designed to meet the needs of a PBA. For example
• Gold, Silver or Bronze service
Service Packages
The packing of core and supporting services is an essential aspect of market strategy.
Service providers should conduct a thorough analysis of the prevailing conditions in
their business environment, the needs of the customer segments or types they serve,
and the alternatives that are available to those customers. The decisions are strategic
because they hold a long-term view for maintaining value for customers even as
industry practices, norms, technologies, and regulations change.
The matter of bundling supporting services with core services has implications on
service operations and challenges for the design, transition, and improvement
processes. The costs and risks for supporting services may be overlooked during
initial stages of planning and development. Not only that, since supporting services
are often shared by several core services, there is often poor visibility and control
over the demand for supporting services and their consumption.
While service providers must focus on the effective delivery of value from core
services, they should also devote enough attention to the supporting services.
Satisfaction surveys show that user dissatisfaction is often with supporting services
even where the core service is being effectively delivered.
Some supporting services, such as help desk or technical support services typically
bundled with most service packages can also be offered on their own. This is an
important consideration in strategic planning and reviews. Service providers may
adopt different strategies for core services and supporting services. For example, they
can drive standardization and consolidation for supporting services to leverage
economies of scale and to reduce operating costs, while developing core service
packages specifically designed for particular customers. Or they may standardize on
the core service package and use supporting services to differentiate the offerings
across customers or market segments. These strategic decisions can have enormous
implications on the overall success of a service provider at the portfolio level. This is
particularly important for service providers who need to balance the differing needs
of typically not one but several enterprises or business units while trying to either
keep costs down across that portfolio to remain competitive.
ITIL
Financial Management
Service
Strategy
ITIL
Financial Management
• Objectives
• Basic concepts
• Roles
ITIL
Operational visibility, insight and superior decision making are the core capabilities
brought to the enterprise through the rigorous application of Financial Management.
Just as business units accrue benefits through the analysis of product mix and margin
data, or customer profiles and product behavior, a similar utility of financial data
continues to increase the importance of Financial Management for IT and the
business as well.
Financial Management as a strategic tool is equally applicable to all three service
provider types. Internal service providers are increasingly asked to operate with the
same levels of financial visibility and accountability as their business unit and
external counterparts. Moreover, technology and innovation have become the core
revenue generating capabilities of many companies.
Financial Management provides the business and IT with the quantification, in
financial terms, of the value of IT services, the value of the assets underlying the
provisioning of those services, and the qualification of operational forecasting.
Talking about IT in terms of services is the crux of changing the perception of IT and
its value to the business. Therefore, a significant portion of Financial Management is
working in tandem with IT and the business to help identify, document and agree
upon the value of the services being received, and the enablement of service
demand modeling and management.
ITIL
Basic concepts (1 of 2)
• Service valuation
– Cost of providing the service
– Value to the customers receiving the service
• Service investment analysis
– Understand the total lifecycle value and costs of proposed new
services or projects
• Accounting
– Keeping track of what has been spent, assigned to appropriate
categories
Service Valuation
Service Valuation quantifies, in financial terms, the funding sought by the business
and IT for services delivered, based on the agreed value of those services. FM
calculates and assigns a monetary value to a service or service component so that
they may be disseminated across the enterprise once the business customer and IT
identify what services are actually desired.
The pricing of a service is the cost-to-value translation necessary to achieve clarity
and influence the demand and consumption of services. The activity involves
identifying the cost baseline for services and then quantifying the perceived value
added by a provider’s service assets in order to conclude a final service value. The
primary goal of Service Valuation is to produce a value for services that the business
perceives as fair, and fulfils the needs of the provider in terms of supporting it as an
ongoing concern. A secondary objective is the improved management of demand
and consumption behavior.
Accounting
Accounting within Financial Management differs from traditional accounting in that
additional category and characteristics must be defined that enable the identification
and tracking of service-oriented expense or capital items.
Financial Management plays a translational role between corporate financial systems
and service management. The result of a service oriented accounting function is that
far greater detail and understanding is achieved regarding service provisioning and
consumption, and the generation of data that feeds directly into the planning
process. The functions and accounting characteristics that come into play are
discussed below:
Service recording — The assignment of a cost entry to the appropriate service.
Depending on how services are defined, and the granularity of the definitions,
there may be additional sub-service components.
Cost Types — These are higher level expenses categories such as hardware,
software, labor, administration, etc. These attributes assist with reporting and
analyzing demand and usage of services and their components in commonly
used financial terms.
ITIL
Basic concepts (2 of 2)
• Business Case
– A decision support and planning tool that predicts outcomes of
a proposed action
– Used to justify investments
• Business Impact Analysis
– Understanding the financial cost of service outages
Business Case
A business case is a decision support and planning tool that projects the likely
consequences of a business action. The consequences can take on qualitative and
quantitative dimensions. A financial analysis, for example, is frequently central to a
good business case.
ITIL
Scope
Scope
• Service Design Tools
• Service Management Tools
• Event Management Tools
• Knowledge Management
Tools
– Configuration Management
System
• Tool selection
There are many tools and techniques that can be used to assist with the design of
services and their associated components.
These tools and techniques enable:
Hardware design
Software design
Environmental design
Process design
Data design
The tools and techniques are many and varied, including both proprietary and non-
proprietary and are useful in:
Speeding up the design process
Ensuring that standards and conventions are followed
Offering prototyping, modeling and simulation facilities
Enabling “What if?” scenarios to be examined
Enable interfaces and dependencies to checked and correlated
Validating designs before they are developed and implemented to ensure that
they satisfy and fulfill their intended requirements
Developing service designs can be simplified by the use of tools that provide
graphical views of the service and its constituent components, from the business
processes, through the service and SLA to the infrastructure, environment, data and
applications, processes, OLAs, teams, contracts and suppliers.
Self Help
Many organizations find it beneficial to offer ‘Self Help’ capabilities to their users.
The technology should therefore support this capability with some form of web front-
end allowing web pages to be defined offering a menu-driven range of self help and
service requests –with a direct interface into the back end process handling software.
Discovery/Deployment/Licensing Technology
In order to populate or verify the CMS data and to assist in License Management,
discovery or automated audit tools will be required. Such tools should be capable of
being run from any location on the network and allow interrogation and recovery of
information relating to all components that make up, or are connected, to the IT
Infrastructure.
Remote Control
It is often helpful for the Service Desk analysts and other support groups to be able to
take control of the user’s desk-top (under properly controlled security conditions) so
as to allow them to conduct investigations or correct settings etc. Facilities to allow
this level of remote control will be needed.
Diagnostic Utilities
It will be extremely useful for Service Desk and other support groups if the technology
incorporated the capability to create and use diagnostic scripts and other diagnostic
utilities (such as, for example, case-based reasoning tools) to assist with earlier
diagnosis of incidents. Ideally these should be ‘context sensitive’ and presentation of
the scripts is automated so far as possible.
Reporting
There is no use storing data unless it can be easily retrieved and used to meet the
organizations purposes. The technology should therefore incorporate good reporting
capabilities, as well as to allow standard interfaces which can be used to input data
to industry-standard reporting packages, dashboards etc. Ideally instant on screen as
well as printed reporting can be provided through the use of context-sensitive ‘top
ten’ reports.
Dashboards
Dashboard type technology is useful to allow ‘see at a glance’ visibility of overall IT
service performance and availability levels. Such displays can be included in
management level reports to users and customers – but can also give real-time
information for inclusion in IT web pages to give dynamic reporting – and can be
used for support and investigation purposes. Capabilities to support customized
views of information to meet specific levels of interest can be particularly useful.
Automation processes
Automating processes
• Automation of service processes helps
– Improve quality
– Reduce costs and risks
– Reduce variationÖincrease warranty
• To get the most benefit
– Simplify processes before automating them
– Clarify activities, information needs, interactions
– In self-service situations, reduce the contact users have with
underlying systems and processes
– Do not be in a hurry to automate tasks and interactions that are
neither simple nor routine
The Event Management tool should cover several layers of individual components
such as Hardware (routers, switches, servers, desktops, printers, etc.), Software
(operational system, applications, etc.) as well as correlating the individual
components with the Service supported by these components. The environment where
the Services and its components are hosted/delivered should also be monitored.
Active versus Passive Monitoring
Active monitoring refers to the ongoing ‘interrogation’ of a device or system to
determine its status. This type of monitoring can be resource intensive and is
usually reserved to proactively monitor the availability of critical devices or
systems; or as a diagnostic step when attempting to resolve an Incident or
diagnose a Problem.
Passive monitoring is more common and refers to generating and transmitting
events to a ‘listening device’ or monitoring agent. Passive monitoring depends
on successful definition of events and instrumentation of the system being
monitored.
Management consoles
Observation and monitoring of the IT Infrastructure from a centralized console –
to which all system events are routed. Historically this involved the monitoring of
the master operations console of one or more mainframes – but these days is
more likely to involve monitoring of a server farm(s), storage devices, network
components, applications, databases – or any other Configuration Items (CIs),
including and remaining mainframe(s) – from a single location, known as the
Operations Bridge.
Integration with Service Management tools
An Event Management tool might not be from the same vendor as the Service
Management tool, but it is paramount that some level of integration – the more
automated, the better – exists between them.
Dashboards and reporting
Good reporting functionality to allow feed-back into design and transition
phases as well a meaningful management information and business user
‘dashboard’.
Benefits
Faster response to incidents – If the event is filtered as an Incident, it can
generate an Incident record so IT can act upon the failure and maybe correct it
even before Users know what happened.
More data available at early stages of incident – let’s suppose Users complain
of a “slow network”; an Event monitoring tool can show the behavior of the
network, the current and historical performance of servers, to help understand
what can be done to restore Services as quickly as possible.
Prevent incidents from being missed – if no monitoring is in place, IT relies
exclusively on its ability to manually check if Services are functioning and on the
Users calling the Service Desk.
Proactively notify users of incidents – it would be a very good customer
experience to let them know that an application is in some kind of error, so
Users can plan ahead their work and avoid using that application but still being
productive.
Ensure standards and rules are followed – creating workflows to follow an
organization standard, or an escalation path, or even responding to an Event
and trying to correct a possible failure is a common feature in many tools.
Ensure current status of services and infrastructure is always known.
Document Management
Document Management defines the set of capabilities to support the storage,
protection, archiving, classification and retirement of documents and information.
Records Management
Records Management defines the set of capabilities to support the storage,
protection, archiving, classification and retirement of records.
Content Management
Content Management is the capability that manages the storage, maintenance and
retrieval of documents and information of a system or website. The result is often a
knowledge asset represented in written words, figures, graphics, and other forms of
knowledge presentation. Examples of knowledge services which directly support
content management are:
Web publishing tools
Web conferencing, wikis, blogs etc
Word processing
Data and financial analysis
Presentation tools
Flow-charting
Content management systems (codify, organize, version control, document
architectures)
Publication and distribution
Knowledge management tools should capture, store, analyze, search, share, present
and review knowledge and information about all processes and services, in all
stages of the Service Lifecycle. In reality the knowledge management system is likely
to have a much narrower scope than this ideal, due to its complex nature.
Benefits
Reduces time and effort for many activities – Take just as one example the time it
would be required to assess the impact and resources needed to implement a
change if no Configuration Management System is in place, and all
relationships between CI’s would need to be gathered and understood before a
decision is made.
Enables organizations to learn - Knowledge puts information into an “ease of
use” form, which can facilitate decision making. For example, in Service
Transition, this knowledge is not solely based on the transition in progress, but is
gathered from experience of previous transitions, awareness of recent and
anticipated changes and other areas that experienced staff will have been
unconsciously collecting for some time.
Enables senior personnel to contribute to improved effectiveness of others - The
purpose of Knowledge Management tools is to ensure that the right information
is delivered to the appropriate place or person at the right time to enable
informed decision; without a tool it would take too much time and effort to find
the required information.
The figure below is a very simplified illustration of the relationship of the three levels
of a Service Knowledge Management System, with data being gathered within the
CMDB, and feeding through the CMS into the SKMS and supporting the informed
decision making process.
Service Knowledge
Decisions
Management System
Configuration Management
Databases
Benefits
Provides information about configuration items when and where it is needed –
This can be used, for example, during Problem Management to understand
trends on incidents in high priority configuration items
Helps to prevent out-of-date information being used — many tools can perform
automatic discovery scans, not only helping in gather up to date information but
also unveiling unauthorized changes
Improves efficiency and effectiveness of all service management processes
Assists in the integration of service management processes
Tool selection
Tool selection
• Create a Statement of Requirements
• Use MoSCoW analysis to define features
– Must, Should, Could, Won’t (but Should in the future)
• Consider vendor and tool credibility
• Visit reference sites
• Assess training needs
• Consider integration with environment
Please note that the documented credits on the above diagram may be subject to change pending the further
development and release of a fully signed off v3 qualifications scheme by the Qualifications Board.
1
The new ITIL qualifications scheme recognizes the value of existing v2 qualifications
and introduces a system that enables an individual to gain credits for ITIL v2 and v3
courses. Once candidates have accumulated a sufficient number of credits they can
be awarded the ITIL Diploma in IT Service Management.
There are four levels within the new scheme namely: Foundation level, two
Intermediate levels, and Advanced level, which is currently under development. To
achieve a diploma, candidates must achieve 22 credits, two of which can be gained
at Foundation level.
The Foundation level focuses on knowledge and comprehension to provide a good
grounding in the key concepts, terminology and processes of ITIL v3. At this level, the
qualification remains very similar to the ITIL v2 Foundation qualification.
In the new intermediate level, there are two streams: a lifecycle stream and a
capability stream. The lifecycle stream is built around the five core OGC books:
Service Strategy, Service Design, Service Transition, Service Operation, and
Continual Service Improvement.
1
Extract from APMG Press release – 5th June 2007 – these credits could change, subject to
Qualifications Board decisions
6–2 © 2007 Hewlett-Packard Development Company, L.P. HF421S B.01
ITIL Qualification Scheme
The intermediate capability stream is built around four clusters: service portfolio &
relationship management; service design & optimization; service monitoring &
control; and service operation & support.
Both intermediate streams assess an individual’s comprehension and application of
the concepts of ITIL v3.
Candidates are able to take units from either of the intermediate streams. These units
give them credits towards a diploma. There is a course – Managing across the
Lifecycle - that brings together the full essence of a lifecycle approach to service
management.
Once someone has gained the requisite number of 22 credits through their
education at foundation and intermediate level they will be awarded the ITIL v3
Diploma. No further examination or course is required to gain the diploma.
The Advanced Level Diploma will assess an individual’s ability to apply and analyze
the ITIL v3 concepts in new areas. This higher Diploma has not been developed at
this stage.
Please note that the documented credits on the above diagram may be subject to change pending the further
development and release of a fully signed off v3 qualifications scheme by the Qualifications Board.
2
Individuals with existing ITIL v2 Qualifications can use those qualifications as credits
towards the diploma.
Any ITIL v2 Manager who wishes to gain the v3 Diploma can take a bridging course
and pass an examination. The three day course covers the new concepts within ITIL
v3 and fully integrates the benefits of the lifecycle approach.
There is a also a one day bridging course at foundation which covers the differences
between v2 and v3 and allows someone to take an exam to demonstrate their
understanding of the ITIL v3 approach.
ITIL v 2 Practitioner qualifications count towards the ITIL Diploma in Service
Management. Depending on whether an individual holds a single topic certificate or
a clustered certificate the credits will vary.
2
Extract from APMG Press release – 5th June 2007 – these credits could change, subject to
Qualifications Board decisions
6–4 © 2007 Hewlett-Packard Development Company, L.P. HF421S B.01
Documentation
Module 7
Contents
The ITIL® Foundation Certificate in IT Service Management – Syllabus
Course satisfaction survey
Version History
Distribution List
Version Name Title / Company
3.0 Examination APM Group (AMPG)
Institute Information Systems Examination Institute (ISEB)
Examination Institute for Information Science (EXIN)
information
The ITIL® Foundation certificate in IT Service Management is not intended to enable the holders
of the certificate to apply the ITIL® practices for Service Management without further guidance.
Candidates can expect to gain competencies in the following upon successful completion of the
education and examination components related to this certification.
Target Group
The target group of the ITIL® Foundation certificate in IT Service Management is drawn from:
• Individuals who require a basic understanding of the ITIL® framework and how it may be
used to enhance the quality of IT service management within an organisation.
• IT professionals that are working within an organisation that has adopted and adapted
ITIL® who need to be informed about and thereafter contribute to an ongoing service
improvement programme.
This may include but is not limited to, IT professionals, business managers and business process
owners.
Candidates for the ITIL® Foundation certificate in IT Service Management have to complete all
units and successfully pass the corresponding examination to achieve certification.
Training providers are free to structure and organize their training in the way they find most
appropriate, provided the units below are sufficiently covered. It is strongly recommended that
training providers do not structure their courses by simply following the order of the training units
as described in this document. It has been designed to be flexible so that training providers can add
value as appropriate.
The units cover the topics listed. The terms emphasized in italics are defined in the ITIL® Glossary.
Unit Content
ITILFND01 Service Management as a practice
The purpose of this unit is to help the candidate to define Service and to
comprehend and explain the concept of Service Management as a practice.
The purpose of this unit is to help the candidate to understand the Service Lifecycle
and explain the objectives and business value for each phase in the lifecycle.
The recommended study period for this unit is minimum 1 hour and 30 minutes.
The purpose of this unit is to help the candidate to define some of the key
terminology and explain the key concepts of Service Management.
Specifically, candidates must be able to define and explain the following key
concepts:
03-1. Utility and Warranty (SS 2.2.2, 3.1.3, ST 3.1.2)
03-2. Resources and Capabilities (SS 3.2.1)
03-3. Service Portfolio (SS 4.2.3, SD 3.6.2)
03-4. Service Catalogue (Business Service Catalogue and Technical Service
Catalogue) (SS 4.2.3.1, SD 3.6.2, 4.1.4)
03-5. The role of IT Governance across the Service Lifecycle (CSI 3.10)
03-6. Business Case (SS 5.2.1, CSI 4.4.1)
03-7. Risk (SS 9.5.1, CSI 5.6.3.2)
03-8. Service Model (SS 7.2.1, SD 3.3, ST 4.5.4.1)
03-9. Service Provider (SD 4.2.4)
03-10. Supplier (SD 4.2.4, 4.7.2)
03-11. Service Level Agreement (SLA) (SD 4.2.4, 4.2.5.1)
03-12. Operational Level Agreement (OLA) (SD 4.2.4)
03-13. Contract (SD 4.7.5.1)
03-14. Service Design Package (SD 3.6.1)
03-15. Availability (SD 4.4.4)
03-16. Service Knowledge Management System (SKMS) (ST 4.7.4.2, SO 4.4.7.2)
03-17. Configuration Item (CI) (ST 4.3.4.2)
03-18. Configuration Management System (ST 4.3.4.3, SO 4.4.7.1)
03-19. Definitive Media Library (DML) (ST 4.3.4.3)
03-20. Service Change (ST 4.2.2)
03-21. Change types (Normal, Standard and Emergency) (ST 4.2.4.3, 4.2.4.4,
4.2.6.9)
03-22. Release Unit (ST 4.4.4.1)
03-23. Seven R’s of Change Management (ST 4.2.6.3)
The ITIL® Foundation Certificate Syllabus
Version 3.0 (Status – Live) Page 4 of 9 Document owner – Chief Examiner
© The APM Group Limited 2007
Unit Content
03-24. Event (SO 4.1)
03-25. Alert (SO 4.1)
03-26. Incident (SO 4.2)
03-27. Impact, Urgency and Priority (SO 4.2.5.4, 4.4.5.4)
03-28. Service Request (SO 4.3)
03-29. Problem (SO 4.4)
03-30. Workaround (SO 4.4.5.6)
03-31. Known Error (SO 4.4.5.7)
03-32. Known Error Data Base (KEDB) (SO 4.4.7.2)
03-33. The role of communication in Service Operation (SO 3.6)
The recommended study period for this unit is minimum 1 hour and 30 minutes.
This unit will probably be covered as part of the training in the other units.
The purpose of this unit is to help the candidate to comprehend and account for
the key principles and models of Service Management and to balance some of the
opposing forces within Service Management.
Service Strategy
04-1. Explain how Service Assets are the basis for Value Creation (SS 3.2.1)
04-2. Describe basics of Value Creation through Services (SS 3.1.1, 3.1.2)
Service Design
04-3. Understand the importance of People, Processes, Products and Partners
for Service Management (SD 2.4.2)
04-4. Discuss the five major aspects of Service Design (SD 3.6):
• Service Portfolio Design
• Identification of Business Requirements, definition of Service
requirements and design of Services
• Technology and architectural design
• Process design
• Measurement design
04-5. Distinguish between different sourcing approaches and options (SD
3.11.1 & Table 3.1)
Service Transition
04-6. Explain the Service V model (ST 4.4.5.1, 4.5.4.7)
Service Operation
04-7. Summarize the following conflicting balances in Service Operation (SO
3.2):
• IT Services versus Technology components
• Stability versus Responsiveness
• Quality of Service versus Cost of Service
The ITIL® Foundation Certificate Syllabus
Version 3.0 (Status – Live) Page 5 of 9 Document owner – Chief Examiner
© The APM Group Limited 2007
Unit Content
• Reactive versus Proactive
The recommended study period for this unit is minimum 2 hours and 30
minutes.
ITILFND05 Processes
The purpose of this unit is to help the candidate understand how the Service
Management processes contribute to the Service Lifecycle, to explain the high level
objectives, scope, basic concepts, activities, key metrics (KPI’s), roles and challenges for
five of the core processes and to state the objectives, some of the basic concepts
and roles for fifteen of the remaining processes.
Service Strategy
05-1. Outline the four main activities in the Service Strategy process
• Define the market (SS 4.1)
• Develop the offerings (SS 4.2)
• Develop strategic assets (SS 4.3)
• Prepare for execution (SS 4.4)
05-2. State the objectives, basic concepts and roles for:
• Service Portfolio Management (SPM) (SS 5.3, 5.4, 11.2.1)
• Demand Management (SS 5.5)
• Financial Management (SS 5.1, 5.1.2)
Service Design
05-3. Explain the high level objectives, scope, basic concepts, process activities,
key metrics (KPI’s), roles and challenges for:
• Service Level Management (SLM) (SD 4.2, 6.4.6, CSI 3.5, 4.6)
Service Transition
05-5. Explain the high level objectives, scope, basic concepts, process activities,
key metrics, roles and challenges for:
• Change Management (ST 4.2, 6.3.2.4)
Service Operation
05-7. Explain the high level objectives, scope, basic concepts, process activities,
key metrics, roles and challenges for:
• Incident Management (SO 4.2, 6.6.6)
The purpose of this unit is to help the candidate to explain the role, objectives,
organizational structures, staffing and metrics of the Service Desk function and to
state the role, objectives and overlap of three other functions.
The purpose of this unit is to help the candidate to account for the role and to be
aware of the responsibilities of some of the key roles in Service Management and to
recognize a number of the remaining roles described in other Learning Units.
07-2. Recognize the RACI model and explain its role in determining
organisational structure. (SD 6, CSI 6.2)
The purpose of this unit is to help the candidate to pass the ITIL® Foundation
exam.
The recommended study period for this unit is minimum 2 hours inclusive
revision.
The ITIL® Foundation Certificate Syllabus
Version 3.0 (Status – Live) Page 8 of 9 Document owner – Chief Examiner
© The APM Group Limited 2007
Format of the Examination
This syllabus has an accompanying examination at which the candidate must achieve a pass score
to gain the ITIL® Foundation Certificate in IT Service Management.
Student details/Course details (If you wish to provide your feedback anonymously, all fields marked with * are optional)
All students Please help us improve our service to you by providing the following information.
Course content 1 2 3 4 5
Instructor 1 2 3 4 5
Course logistics 1 2 3 4 5
Registration process 1 2 3 4 5
Training facility/classroom 1 2 3 4 5
Lab or demonstration equipment 1 2 3 4 5
What comments or suggestions do you have about any aspect of the course?
If you could do one thing to make this course excellent, what would it be?
Additional questions on the potential impact of your learning experience can be found at the back of this page.
Your responses are greatly appreciated.
HP Customers and Partners only If you are an HP Customer or an HP Partner employee please help us improve
our service to you by providing the following information:
If 0% represents no increase, and 100% represents a very significant increase on your previous ■ 0% - 20% ■ 20% - 40% ■ 40% - 60%
knowledge, please rate your INCREASE in skill level or knowledge of this content after this course ■ 60% - 80% ■ 80% - 100% ■ N/A
What percentage of the new knowledge and skills you learned from this course do you estimate ■ 0% - 20% ■ 20% - 40% ■ 40% - 60%
you will apply directly to your job? ■ 60% - 80% ■ 80% - 100% ■ N/A
What percentage of your total work time requires you to use the knowledge and skills presented ■ 0% - 20% ■ 20% - 40% ■ 40% - 60%
in this course? ■ 60% - 80% ■ 80% - 100% ■ N/A
On a scale of 0% (not at all) to 100% (extremely critical), how critical is applying the content ■ 0% - 20% ■ 20% - 40% ■ 40% - 60%
of this course to your job success? ■ 60% - 80% ■ 80% - 100% ■ N/A
Your Preferences
What best describes your Job Function? ■ Accounting/Finance ■ Quality ■ Consulting ■ Engineering ■ Instructor
■ General Management ■ Human Resources ■ IT Professional ■ Marketing/Sales ■ Production
■ Purchasing ■ Student ■ Biotechnology/Pharmaceutical
What was the primary way you learned about this course or event?
What is the primary way you would like to learn about future courses or events?
Follow-up Survey
HP invites you to participate in a follow-up survey to measure the impact of this training to your job.
Please indicate if you would be willing to participate. Yes No
Regarding the HP Certified Professional Program, please help us improve our service to you by providing the following information:
Did you attend this course with the intention of becoming certified? Yes No
Would you consider pursuing certification based on your successful completion of this class? Yes No
Thank you for taking the time to complete this survey form.
Glossary
ITIL ® is a Registered Trade Mark, and a Registered Community Trade Mark of the
Office of Government Commerce, and is Registered in the U.S. Patent and Trademark
Office.
Term Definition
Account Manager (Service Strategy) A Role that is very similar to Business Relationship
Manager, but includes more commercial aspects. Most commonly used
when dealing with External Customers.
Accounting (Service Strategy) The Process responsible for identifying actual Costs
of delivering IT Services, comparing these with budgeted costs, and
managing variance from the Budget.
Agreed Service (Service Design) A synonym for Service Hours, commonly used in
Time formal calculations of Availability. See Downtime.
Term Definition
Application Sizing (Service Design) The Activity responsible for understanding the
Resource Requirements needed to support a new Application, or a
major Change to an existing Application. Application Sizing helps to
ensure that the IT Service can meet its agreed Service Level Targets for
Capacity and Performance.
Term Definition
Asset Register (Service Transition) A list of Assets, which includes their ownership
and value. The Asset Register is maintained by Asset Management.
Term Definition
Availability Plan (Service Design) A Plan to ensure that existing and future Availability
Requirements for IT Services can be provided Cost Effectively.
Best Practice Proven Activities or Processes that have been successfully used by
multiple Organisations. ITIL is an example of Best Practice.
Term Definition
British Standards The UK National Standards body, responsible for creating and
Institution (BSI) maintaining British Standards. See http://www.bsi-global.com for more
information.
See ISO.
Budget A list of all the money an Organisation or Business Unit plans to receive,
and plans to pay out, over a specified period of time.
See Budgeting, Planning.
Term Definition
Business Process A Process that is owned and carried out by the Business. A Business
Process contributes to the delivery of a product or Service to a Business
Customer. For example, a retailer may have a purchasing Process
which helps to deliver Services to their Business Customers. Many
Business Processes rely on IT Services.
Term Definition
Business Unit (Service Strategy) A segment of the Business which has its own Plans,
Metrics, income and Costs. Each Business Unit owns Assets and uses
these to create value for Customers in the form of goods and Services.
Call (Service Operation) A telephone call to the Service Desk from a User.
A Call could result in an Incident or a Service Request being logged.
Term Definition
Capacity (Service Design) The Process responsible for ensuring that the
Management Capacity of IT Services and the IT Infrastructure is able to deliver
agreed Service Level Targets in a Cost Effective and timely manner.
Capacity Management considers all Resources required to deliver the
IT Service, and plans for short, medium and long term Business
Requirements.
Capacity Plan (Service Design) A Capacity Plan is used to manage the Resources
required to deliver IT Services. The Plan contains scenarios for different
predictions of Business demand, and costed options to deliver the
agreed Service Level Targets.
Capacity Planning (Service Design) The Activity within Capacity Management responsible
for creating a Capacity Plan.
Capital (Service Strategy) The Cost of purchasing something that will become
Expenditure a financial Asset, for example computer equipment and buildings. The
(CAPEX) value of the Asset is Depreciated over multiple accounting periods.
Term Definition
Change Advisory (Service Transition) A group of people that advises the Change
Board (CAB) Manager in the Assessment, prioritisation and scheduling of Changes.
This board is usually made up of representatives from all areas within
the IT Service Provider, the Business, and Third Parties such as
Suppliers.
Term Definition
Change Schedule (Service Transition) A Document that lists all approved Changes and
their planned implementation dates. A Change Schedule is sometimes
called a Forward Schedule of Change, even though it also contains
information about Changes that have already been implemented.
Term Definition
Component A general term that is used to mean one part of something more
complex. For example, a computer System may be a component of an
IT Service, an Application may be a Component of a Release Unit.
Components that need to be managed should be Configuration Items.
Confidentiality (Service Design) A security principle that requires that data should only
be accessed by authorised people.
Term Definition
Configuration (Service Transition) The Activity responsible for ensuring that adding,
Control modifying or removing a CI is properly managed, for example by
submitting a Request for Change or Service Request.
Configuration (Service Transition) A set of tools and databases that are used to
Management manage an IT Service Provider's Configuration data. The CMS also
System (CMS) includes information about Incidents, Problems, Known Errors, Changes
and Releases; and may contain data about employees, Suppliers,
locations, Business Units, Customers and Users. The CMS includes
tools for collecting, storing, managing, updating, and presenting data
about all Configuration Items and their Relationships. The CMS is
maintained by Configuration Management and is used by all IT Service
Management Processes.
See Configuration Management Database, Service Knowledge
Management System.
Configuration (Service Transition) The hierarchy and other Relationships between all
Structure the Configuration Items that comprise a Configuration.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Continual Service Improvement (CSI) to Control Processes
Term Definition
Control The ISO/IEC 20000 Process group that includes Change Management
Processes and Configuration Management.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Core Service to Cost Unit
Term Definition
Core Service (Service Strategy) An IT Service that delivers basic Outcomes desired
by one or more Customers.
See Supporting Service, Core Service Package.
Core Service (Service Strategy) A detailed description of a Core Service that may be
Package (CSP) shared by two or more Service Level Packages.
See Service Package.
Cost Benefit An Activity that analyses and compares the Costs and the benefits
Analysis involved in one or more alternative courses of action.
See Business Case, Net Present Value, Internal Rate of Return, Return
on Investment, Value on Investment.
Cost Centre (Service Strategy) A Business Unit or Project to which Costs are
assigned. A Cost Centre does not charge for Services provided. An IT
Service Provider can be run as a Cost Centre or a Profit Centre.
Cost Element (Service Strategy) The middle level of category to which Costs are
assigned in Budgeting and Accounting. The highest level category is
Cost Type. For example a Cost Type of “people” could have cost
elements of payroll, staff benefits, expenses, training, overtime etc. Cost
Elements can be further broken down to give Cost Units. For example
the Cost Element “expenses” could include Cost Units of Hotels,
Transport, Meals etc.
Cost Type (Service Strategy) The highest level of category to which Costs are
assigned in Budgeting and Accounting. For example hardware,
software, people, accommodation, external and Transfer.
See Cost Element, Cost Type.
Cost Unit (Service Strategy) The lowest level of category to which Costs are
assigned, Cost Units are usually things that can be easily counted (e.g.
staff numbers, software licences) or things easily measured (e.g. CPU
usage, Electricity consumed). Cost Units are included within Cost
Elements. For example a Cost Element of “expenses” could include
Cost Units of Hotels, Transport, Meals etc.
See Cost Type.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Countermeasure to Data-to-Information-to-Knowledge-to-Wisdom (DIKW)
Term Definition
Countermeasure Can be used to refer to any type of Control. The term Countermeasure
is most often used when referring to measures that increase Resilience,
Fault Tolerance or Reliability of an IT Service.
Course Changes made to a Plan or Activity that has already started, to ensure
Corrections that it will meet its Objectives. Course corrections are made as a result
of Monitoring progress.
CRAMM A methodology and tool for analysing and managing Risks. CRAMM
was developed by the UK Government, but is now privately owned.
Further information is available from http://www.cramm.com/
Critical Success Something that must happen if a Process, Project, Plan, or IT Service is
Factor (CSF) to succeed. KPIs are used to measure the achievement of each CSF.
For example a CSF of "protect IT Services when making Changes"
could be measured by KPIs such as "percentage reduction of
unsuccessful Changes", "percentage reduction in Changes causing
Incidents" etc.
Term Definition
Definitive Media (Service Transition) One or more locations in which the definitive and
Library (DML) approved versions of all software Configuration Items are securely
stored. The DML may also contain associated CIs such as licenses and
documentation. The DML is a single logical storage area even if there
are multiple locations. All software in the DML is under the control of
Change and Release Management and is recorded in the Configuration
Management System. Only software from the DML is acceptable for use
in a Release.
Demand Activities that understand and influence Customer demand for Services
Management and the provision of Capacity to meet these demands. At a Strategic
level Demand Management can involve analysis of Patterns of Business
Activity and User Profiles. At a Tactical level it can involve use of
Differential Charging to encourage Customers to use IT Services at less
busy times.
See Capacity Management.
Dependency The direct or indirect reliance of one Process or Activity upon another.
Term Definition
Early Life Support (Service Transition) Support provided for a new or Changed IT
Service for a period of time after it is Released. During Early Life
Support the IT Service Provider may review the KPIs, Service Levels
and Monitoring Thresholds, and provide additional Resources for
Incident and Problem Management.
Economies of (Service Strategy) The reduction in average Cost that is possible from
scale increasing the usage of an IT Service or Asset.
See Economies of Scope.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Economies of scope to Escalation
Term Definition
Term Definition
Event (Service Operation) A change of state which has significance for the
management of a Configuration Item or IT Service.
The term Event is also used to mean an Alert or notification created by
any IT Service, Configuration Item or Monitoring tool. Events typically
require IT Operations personnel to take actions, and often lead to
Incidents being logged.
Exception Report A Document containing details of one or more KPIs or other important
targets that have exceeded defined Thresholds. Examples include SLA
targets being missed or about to be missed, and a Performance Metric
indicating a potential Capacity problem.
Term Definition
Fast Recovery (Service Design) A Recovery Option which is also known as Hot
Standby. Provision is made to Recover the IT Service in a short period
of time, typically less than 24 hours. Fast Recovery typically uses a
dedicated Fixed Facility with computer Systems, and software
configured ready to run the IT Services. Immediate Recovery may take
up to 24 hours if there is a need to Restore data from Backups.
Term Definition
First-line Support (Service Operation) The first level in a hierarchy of Support Groups
involved in the resolution of Incidents. Each level contains more
specialist skills, or has more time or other Resources.
See Escalation.
Fit for Purpose An informal term used to describe a Process, Configuration Item, IT
Service etc. that is capable of meeting its Objectives or Service Levels.
Being Fit for Purpose requires suitable Design, implementation, Control
and maintenance.
Fixed Cost (Service Strategy) A Cost that does not vary with IT Service usage. For
example the cost of Server hardware.
See Variable Cost.
Fixed Facility (Service Design) A permanent building, available for use when needed
by an IT Service Continuity Plan.
See Recovery Option, Portable Facility.
Follow the Sun (Service Operation) A methodology for using Service Desks and
Support Groups around the world to provide seamless 24 * 7 Service.
Calls, Incidents, Problems and Service Requests are passed between
groups in different time zones.
Function A team or group of people and the tools they use to carry out one or
more Processes or Activities. For example the Service Desk.
The term Function also has two other meanings
• An intended purpose of a Configuration Item, Person, Team,
Process, or IT Service. For example one Function of an Email
Service may be to store and forward outgoing mails, one Function
of a Business Process may be to dispatch goods to Customers.
• To perform the intended purpose correctly, "The computer is
Functioning"
Governance Ensuring that Policies and Strategy are actually implemented, and that
required Processes are correctly followed. Governance includes
defining Roles and responsibilities, measuring and reporting, and taking
actions to resolve any issues identified.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Gradual Recovery to Incident Management
Term Definition
Gradual Recovery (Service Design) A Recovery Option which is also known as Cold
Standby. Provision is made to Recover the IT Service in a period of time
greater than 72 hours. Gradual Recovery typically uses a Portable or
Fixed Facility that has environmental support and network cabling, but
no computer Systems. The hardware and software are installed as part
of the IT Service Continuity Plan.
Help Desk (Service Operation) A point of contact for Users to log Incidents. A
Help Desk is usually more technically focussed than a Service Desk and
does not provide a Single Point of Contact for all interaction. The term
Help Desk is often used as a synonym for Service Desk.
High Availability (Service Design) An approach or Design that minimises or hides the
effects of Configuration Item Failure on the Users of an IT Service. High
Availability solutions are Designed to achieve an agreed level of
Availability and make use of techniques such as Fault Tolerance,
Resilience and fast Recovery to reduce the number of Incidents, and
the Impact of Incidents.
Term Definition
Information (Service Design) The Process that ensures the Confidentiality, Integrity
Security and Availability of an Organisation's Assets, information, data and IT
Management Services. Information Security Management usually forms part of an
(ISM) Organisational approach to Security Management which has a wider
scope than the IT Service Provider, and includes handling of paper,
building access, phone calls etc., for the entire Organisation.
Information (Service Design) The Policy that governs the Organisation’s approach
Security Policy to Information Security Management.
Infrastructure An IT Service that is not directly used by the Business, but is required
Service by the IT Service Provider so they can provide other IT Services. For
example Directory Services, naming services, or communication
services.
Interactive Voice (Service Operation) A form of Automatic Call Distribution that accepts
Response (IVR) User input, such as key presses and spoken commands, to identify the
correct destination for incoming Calls.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Intermediate Recovery to Ishikawa Diagram
Term Definition
Internal Customer A Customer who works for the same Business as the IT Service
Provider.
See Internal Service Provider, External Customer.
Internal Metric A Metric that is used within the IT Service Provider to Monitor the
Efficiency, Effectiveness or Cost Effectiveness of the IT Service
Provider's internal Processes. Internal Metrics are not normally reported
to the Customer of the IT Service. See External Metric.
Internal Rate of (Service Strategy) A technique used to help make decisions about
Return (IRR) Capital Expenditure. IRR calculates a figure that allows two or more
alternative investments to be compared. A larger IRR indicates a better
investment.
See Net Present Value, Return on Investment.
Internal Service (Service Strategy) An IT Service Provider which is part of the same
Provider Organisation as their Customer. An IT Service Provider may have both
Internal Customers and External Customers.
See Type I Service Provider, Type II Service Provider, Insource.
Internet Service An External Service Provider that provides access to the Internet. Most
Provider (ISP) ISPs also provide other IT Services such as web hosting.
Invocation (Service Design) Initiation of the steps defined in a plan. For example
initiating the IT Service Continuity Plan for one or more IT Services.
Term Definition
ISO 9000 A generic term that refers to a number of international Standards and
Guidelines for Quality Management Systems.
See http://www.iso.org/ for more information.
See ISO.
ISO/IEC 20000 ISO Specification and Code of Practice for IT Service Management.
ISO/IEC 20000 is aligned with ITIL Best Practice.
IT Infrastructure All of the hardware, software, networks, facilities etc. that are required to
Develop, Test, deliver, Monitor, Control or support IT Services. The term
IT Infrastructure includes all of the Information Technology but not the
associated people, Processes and documentation.
Term Definition
IT Service (Service Design) The Process responsible for managing Risks that
Continuity could seriously impact IT Services. ITSCM ensures that the IT Service
Management Provider can always provide minimum agreed Service Levels, by
(ITSCM) reducing the Risk to an acceptable level and Planning for the Recovery
of IT Services. ITSCM should be designed to support Business
Continuity Management.
IT Service (Service Design) A Plan defining the steps required to Recover one or
Continuity Plan more IT Services. The Plan will also identify the triggers for Invocation,
people to be involved, communications etc. The IT Service Continuity
Plan should be part of a Business Continuity Plan.
IT Steering Group A formal group that is responsible for ensuring that Business and IT
(ISG) Service Provider Strategies and Plans are closely aligned. An IT
Steering Group includes senior representatives from the Business and
the IT Service Provider.
Job Description A Document which defines the Roles, responsibilities, skills and
knowledge required by a particular person. One Job Description can
include multiple Roles, for example the Roles of Configuration Manager
and Change Manager may be carried out by one person.
Job Scheduling (Service Operation) Planning and managing the execution of software
tasks that are required as part of an IT Service. Job Scheduling is
carried out by IT Operations Management, and is often automated using
software tools that run batch or online tasks at specific times of the day,
week, month or year.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Kano Model to Known Error Record
Term Definition
Kano Model (Service Strategy) A Model developed by Noriaki Kano that is used to
help understand Customer preferences. The Kano Model considers
Attributes of an IT Service grouped into areas such as Basic Factors,
Excitement Factors, Performance Factors etc.
Knowledge Base (Service Transition) A logical database containing the data used by the
Service Knowledge Management System.
Known Error (Service Operation) A Problem that has a documented Root Cause
and a Workaround. Known Errors are created and managed throughout
their Lifecycle by Problem Management. Known Errors may also be
identified by Development or Suppliers.
Known Error (Service Operation) A database containing all Known Error Records.
Database (KEDB) This database is created by Problem Management and used by Incident
and Problem Management. The Known Error Database is part of the
Service Knowledge Management System.
Known Error (Service Operation) A Record containing the details of a Known Error.
Record Each Known Error Record documents the Lifecycle of a Known Error,
including the Status, Root Cause and Workaround. In some
implementations a Known Error is documented using additional fields in
a Problem Record.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Lifecycle to Management System
Term Definition
Line of Service (Service Strategy) A Core Service or Supporting Service that has
(LOS) multiple Service Level Packages. A line of Service is managed by a
Product Manager and each Service Level Package is designed to
support a particular market segment.
Major Incident (Service Operation) The highest Category of Impact for an Incident. A
Major Incident results in significant disruption to the Business.
Management of The OGC methodology for managing Risks. MoR includes all the
Risk (MoR) Activities required to identify and Control the exposure to Risk which
may have an impact on the achievement of an Organisation’s Business
Objectives.
See http://www.m-o-r.org/ for more details.
Term Definition
Marginal Cost (Service Strategy) The Cost of continuing to provide the IT Service.
Marginal Cost does not include investment already made, for example
the cost of developing new software and delivering training.
Market Space (Service Strategy) All opportunities that an IT Service Provider could
exploit to meet business needs of Customers. The Market Space
identifies the possible IT Services that an IT Service Provider may wish
to consider delivering.
Maturity Level A named level in a Maturity model such as the Carnegie Mellon
Capability Maturity Model Integration.
Mean Time (Service Design) A Metric for measuring and reporting Reliability.
Between Failures MTBF is the average time that a Configuration Item or IT Service can
(MTBF) perform its agreed Function without interruption. This is measured from
when the CI or IT Service starts working, until it next fails.
Mean Time (Service Design) A Metric used for measuring and reporting Reliability.
Between Service MTBSI is the mean time from when a System or IT Service fails, until it
Incidents (MTBSI) next fails. MTBSI is equal to MTBF + MTRS.
Mean Time To The average time taken to repair a Configuration Item or IT Service after
Repair (MTTR) a Failure. MTTR is measured from when the CI or IT Service fails until it
is Repaired. MTTR does not include the time required to Recover or
Restore. MTTR is sometimes incorrectly used to mean Mean Time to
Restore Service.
Mean Time to The average time taken to Restore a Configuration Item or IT Service
Restore Service after a Failure. MTRS is measured from when the CI or IT Service fails
(MTRS) until it is fully Restored and delivering its normal functionality.
See Maintainability, Mean Time to Repair.
Term Definition
Net Present Value (Service Strategy) A technique used to help make decisions about
(NPV) Capital Expenditure. NPV compares cash inflows to cash outflows.
Positive NPV indicates that an investment is worthwhile.
See Internal Rate of Return, Return on Investment.
Office of OGC owns the ITIL brand (copyright and trademark). OGC is a UK
Government Government department that supports the delivery of the government's
Commerce (OGC) procurement agenda through its work in collaborative procurement and
in raising levels of procurement skills and capability with departments. It
also provides support for complex public sector projects.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Office of Public Sector Information (OPSI) to Operational Level Agreement (OLA)
Term Definition
Office of Public OPSI license the Crown Copyright material used in the ITIL
Sector publications. They are a UK Government department who provide
Information online access to UK legislation, license the re-use of Crown copyright
(OPSI) material, manage the Information Fair Trader Scheme, maintain the
Government’s Information Asset Register and provide advice and
guidance on official publishing and Crown copyright.
Operational The lowest of three levels of Planning and delivery (Strategic, Tactical,
Operational). Operational Activities include the day-to-day or short term
Planning or delivery of a Business Process or IT Service Management
Process.
The term Operational is also a synonym for Live.
Operational Cost Cost resulting from running the IT Services. Often repeating payments.
For example staff costs, hardware maintenance and electricity (also
known as "current expenditure" or "revenue expenditure").
See Capital Expenditure.
Term Definition
Opportunity Cost (Service Strategy) A Cost that is used in deciding between investment
choices. Opportunity Cost represents the revenue that would have been
generated by using the Resources in a different way. For example the
Opportunity Cost of purchasing a new Server may include not carrying
out a Service Improvement activity that the money could have been
spent on. Opportunity cost analysis is used as part of a decision making
processes, but is not treated as an actual Cost in any financial
statement.
Optimise Review, Plan and request Changes, in order to obtain the maximum
Efficiency and Effectiveness from a Process, Configuration Item,
Application etc.
Pain Value (Service Operation) A technique used to help identify the Business
Analysis Impact of one or more Problems. A formula is used to calculate Pain
Value based on the number of Users affected, the duration of the
Downtime, the Impact on each User, and the cost to the Business (if
known).
Term Definition
Percentage (Service Design) The amount of time that a Component is busy over a
utilisation given period of time. For example, if a CPU is busy for 1800 seconds in
a one hour period, its utilisation is 50%
Term Definition
Planned (Service Design) Agreed time when an IT Service will not be available.
Downtime Planned Downtime is often used for maintenance, upgrades and testing.
See Change Window, Downtime.
Planning An Activity responsible for creating one or more Plans. For example,
Capacity Planning.
Post A Review that takes place after a Change or a Project has been
Implementation implemented. A PIR determines if the Change or Project was
Review (PIR) successful, and identifies opportunities for improvement.
Practice A way of working, or a way in which work must be done. Practices can
include Activities, Processes, Functions, Standards and Guidelines.
See Best Practice.
Pricing (Service Strategy) The Activity for establishing how much Customers
will be Charged.
Term Definition
Process Control The Activity of planning and regulating a Process, with the Objective of
performing the Process in an Effective, Efficient, and consistent manner.
Process Owner A Role responsible for ensuring that a Process is Fit for Purpose. The
Process Owner’s responsibilities include sponsorship, Design, Change
Management and continual improvement of the Process and its Metrics.
This Role is often assigned to the same person who carries out the
Process Manager Role, but the two Roles may be separate in larger
Organisations.
Term Definition
Profit Centre (Service Strategy) A Business Unit which charges for Services
provided. A Profit Centre can be created with the objective of making a
profit, recovering Costs, or running at a loss. An IT Service Provider can
be run as a Cost Centre or a Profit Centre.
Programme A number of Projects and Activities that are planned and managed
together to achieve an overall set of related Objectives and other
Outcomes.
Projected Service (Service Transition) A Document that identifies the effect of planned
Outage (PSO) Changes, maintenance Activities and Test Plans on agreed Service
Levels.
Quality Assurance (Service Transition) The Process responsible for ensuring that the
(QA) Quality of a product, Service or Process will provide its intended Value.
Term Definition
Recovery Point (Service Operation) The maximum amount of data that may be lost
Objective (RPO) when Service is Restored after an interruption. Recovery Point
Objective is expressed as a length of time before the Failure. For
example a Recovery Point Objective of one day may be supported by
daily Backups, and up to 24 hours of data may be lost. Recovery Point
Objectives for each IT Service should be negotiated, agreed and
documented, and used as Requirements for Service Design and IT
Service Continuity Plans.
Recovery Time (Service Operation) The maximum time allowed for recovery of an IT
Objective (RTO) Service following an interruption. The Service Level to be provided may
be less than normal Service Level Targets. Recovery Time Objectives
for each IT Service should be negotiated, agreed and documented.
See Business Impact Analysis.
Term Definition
Relationship The ISO/IEC 20000 Process group that includes Business Relationship
Processes Management and Supplier Management.
Release and (Service Transition) The Process responsible for both Release
Deployment Management and Deployment.
Management
Release Process The name used by ISO/IEC 20000 for the Process group that includes
Release Management. This group does not include any other
Processes.
Release Process is also used as a synonym for Release Management
Process.
Release Record (Service Transition) A Record in the CMDB that defines the content of
a Release. A Release Record has Relationships with all Configuration
Items that are affected by the Release.
Term Definition
Resolution The ISO/IEC 20000 Process group that includes Incident Management
Processes and Problem Management.
Term Definition
Return to Normal (Service Design) The phase of an IT Service Continuity Plan during
which full normal operations are resumed. For example, if an alternate
data centre has been in use, then this phase will bring the primary data
centre back into operation, and restore the ability to invoke IT Service
Continuity Plans again.
Risk A possible Event that could cause harm or loss, or affect the ability to
achieve Objectives. A Risk is measured by the probability of a Threat,
the Vulnerability of the Asset to that Threat, and the Impact it would
have if it occurred.
Risk Assessment The initial steps of Risk Management. Analysing the value of Assets to
the business, identifying Threats to those Assets, and evaluating how
Vulnerable each Asset is to those Threats. Risk Assessment can be
quantitative (based on numerical data) or qualitative.
Risk Management The Process responsible for identifying, assessing and controlling
Risks.
See Risk Assessment.
Term Definition
Rollout (Service Transition) Synonym for Deployment. Most often used to refer
to complex or phased Deployments or Deployments to multiple
locations.
Root Cause (Service Operation) An Activity that identifies the Root Cause of an
Analysis (RCA) Incident or Problem. RCA typically concentrates on IT Infrastructure
failures.
See Service Failure Analysis.
Term Definition
Service Asset and (Service Transition) The Process responsible for both Configuration
Configuration Management and Asset Management.
Management
(SACM)
Service Contract (Service Strategy) A Contract to deliver one or more IT Services. The
term Service Contract is also used to mean any Agreement to deliver IT
Services, whether this is a legal Contract or an SLA.
See Contract Portfolio.
Service Culture A Customer oriented Culture. The major Objectives of a Service Culture
are Customer satisfaction and helping the Customer to achieve their
Business Objectives.
Service Design (Service Design) Document(s) defining all aspects of an IT Service and
Package its Requirements through each stage of its Lifecycle. A Service Design
Package is produced for each new IT Service, major Change, or IT
Service Retirement.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Service Desk to Service Level Package (SLP)
Term Definition
Service Desk (Service Operation) The Single Point of Contact between the Service
Provider and the Users. A typical Service Desk manages Incidents and
Service Requests, and also handles communication with the Users.
Service Failure (Service Design) An Activity that identifies underlying causes of one or
Analysis (SFA) more IT Service interruptions. SFA identifies opportunities to improve
the IT Service Provider's Processes and tools, and not just the IT
Infrastructure. SFA is a time constrained, project-like activity, rather than
an ongoing process of analysis.
See Root Cause Analysis.
Service (Service Transition) A set of tools and databases that are used to
Knowledge manage knowledge and information. The SKMS includes the
Management Configuration Management System, as well as other tools and
System (SKMS) databases. The SKMS stores, manages, updates, and presents all
information that an IT Service Provider needs to manage the full
Lifecycle of IT Services.
Service Level Measured and reported achievement against one or more Service Level
Targets. The term Service Level is sometimes used informally to mean
Service Level Target.
Service Level (Service Strategy) A defined level of Utility and Warranty for a
Package (SLP) particular Service Package. Each SLP is designed to meet the needs of
a particular Pattern of Business Activity.
See Line of Service.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Service Level Requirement (SLR) to Service Pipeline
Term Definition
Service (Service Operation) The expected time that a Configuration Item will
Maintenance be unavailable due to planned maintenance Activity.
Objective
Service Manager A manager who is responsible for managing the end-to-end Lifecycle of
one or more IT Services. The term Service Manager is also used to
mean any manager within the IT Service Provider. Most commonly
used to refer to a Business Relationship Manager, a Process Manager,
an Account Manager or a senior manager with responsibility for IT
Services overall.
Service Owner (Continual Service Improvement) A Role which is accountable for the
delivery of a specific IT Service.
Term Definition
Service Portfolio (Service Strategy) The complete set of Services that are managed by a
Service Provider. The Service Portfolio is used to manage the entire
Lifecycle of all Services, and includes three Categories: Service Pipeline
(proposed or in Development); Service Catalogue (Live or available for
Deployment); and Retired Services.
See Service Portfolio Management, Contract Portfolio.
Service Portfolio (Service Strategy) The Process responsible for managing the Service
Management Portfolio. Service Portfolio Management considers Services in terms of
(SPM) the Business value that they provide.
Service Potential (Service Strategy) The total possible value of the overall Capabilities
and Resources of the IT Service Provider.
Service Provider (Service Strategy) An interface between the IT Service Provider and a
Interface (SPI) User, Customer, Business Process, or a Supplier. Analysis of Service
Provider Interfaces helps to coordinate end-to-end management of IT
Services.
Service Request (Service Operation) A request from a User for information, or advice,
or for a Standard Change or for Access to an IT Service. For example to
reset a password, or to provide standard IT Services for a new User.
Service Requests are usually handled by a Service Desk, and do not
require an RFC to be submitted.
See Request Fulfilment.
Service Sourcing (Service Strategy) The Strategy and approach for deciding whether to
provide a Service internally or to Outsource it to an External Service
Provider. Service Sourcing also means the execution of this Strategy.
Service Sourcing includes:
• Internal Sourcing - Internal or Shared Services using Type I or
Type II Service Providers.
• Traditional Sourcing - Full Service Outsourcing using a Type III
Service Provider.
• Multivendor Sourcing - Prime, Consortium or Selective
Outsourcing using Type III Service Providers.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Service Strategy to Simulation modelling
Term Definition
Service Strategy (Service Strategy) The title of one of the Core ITIL publications.
Service Strategy establishes an overall Strategy for IT Services and for
IT Service Management.
Service Validation (Service Transition) The Process responsible for Validation and
and Testing Testing of a new or Changed IT Service. Service Validation and Testing
ensures that the IT Service matches its Design Specification and will
meet the needs of the Business.
Service Warranty (Service Strategy) Assurance that an IT Service will meet agreed
Requirements. This may be a formal Agreement such as a Service
Level Agreement or Contract, or may be a marketing message or brand
image. The Business value of an IT Service is created by the
combination of Service Utility (what the Service does) and Service
Warranty (how well it does it).
See Warranty.
Shift (Service Operation) A group or team of people who carry out a specific
Role for a fixed period of time. For example there could be four shifts of
IT Operations Control personnel to support an IT Service that is used 24
hours a day.
Term Definition
Single Point of (Service Design) Any Configuration Item that can cause an Incident
Failure (SPOF) when it fails, and for which a Countermeasure has not been
implemented. A SPOF may be a person, or a step in a Process or
Activity, as well as a Component of the IT Infrastructure.
See Failure.
Term Definition
Standard Change (Service Transition) A pre-approved Change that is low Risk, relatively
common and follows a Procedure or Work Instruction. For example
password reset or provision of standard equipment to a new employee.
RFCs are not required to implement a Standard Change, and they are
logged and tracked using a different mechanism, such as a Service
Request.
See Change Model.
Standby (Service Design) Used to refer to Resources that are not required to
deliver the Live IT Services, but are available to support IT Service
Continuity Plans. For example a Standby data centre may be
maintained to support Hot Standby, Warm Standby or Cold Standby
arrangements.
Status The name of a required field in many types of Record. It shows the
current stage in the Lifecycle of the associated Configuration Item,
Incident, Problem etc.
Status Accounting (Service Transition) The Activity responsible for recording and
reporting the Lifecycle of each Configuration Item.
Storage (Service Operation) The Process responsible for managing the storage
Management and maintenance of data throughout its Lifecycle.
Strategic (Service Strategy) The highest of three levels of Planning and delivery
(Strategic, Tactical, Operational). Strategic Activities include Objective
setting and long term Planning to achieve the overall Vision.
Super User (Service Operation) A User who helps other Users, and assists in
communication with the Service Desk or other parts of the IT Service
Provider. Super Users typically provide support for minor Incidents and
training.
Term Definition
Supplier (Service Design) The Process responsible for ensuring that all
Management Contracts with Suppliers support the needs of the Business, and that all
Suppliers meet their contractual commitments.
Supply Chain (Service Strategy) The Activities in a Value Chain carried out by
Suppliers. A Supply Chain typically involves multiple Suppliers, each
adding value to the product or Service.
See Value Network.
Support Group (Service Operation) A group of people with technical skills. Support
Groups provide the Technical Support needed by all of the IT Service
Management Processes.
See Technical Management.
Support Hours (Service Design) (Service Operation) The times or hours when
support is available to the Users. Typically this is the hours when the
Service Desk is available. Support Hours should be defined in a Service
Level Agreement, and may be different from Service Hours. For
example, Service Hours may be 24 hours a day, but the Support Hours
may be 07:00 to 19:00.
Tactical The middle of three levels of Planning and delivery (Strategic, Tactical,
Operational). Tactical Activities include the medium term Plans required
to achieve specific Objectives, typically over a period of weeks to
months.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Tag to Threat
Term Definition
Third Party A person, group, or Business who is not part of the Service Level
Agreement for an IT Service, but is required to ensure successful
delivery of that IT Service. For example a software Supplier, a hardware
maintenance company, or a facilities department. Requirements for
Third Parties are typically specified in Underpinning Contracts or
Operational Level Agreements.
Third-line Support (Service Operation) The third level in a hierarchy of Support Groups
involved in the resolution of Incidents and investigation of Problems.
Each level contains more specialist skills, or has more time or other
Resources.
Term Definition
Total Cost of (Service Strategy) A methodology used to help make investment and
Utilization (TCU) Service Sourcing decisions. TCU assesses the full Lifecycle Cost to the
Customer of using an IT Service.
See Total Cost of Ownership.
Transition (Service Transition) The Process responsible for Planning all Service
Planning and Transition Processes and co-ordinating the resources that they require.
Support These Service Transition Processes are Change Management, Service
Asset and Configuration Management, Release and Deployment
Management, Service Validation and Testing, Evaluation, and
Knowledge Management.
Tuning The Activity responsible for Planning Changes to make the most
efficient use of Resources. Tuning is part of Performance Management,
which also includes Performance Monitoring and implementation of the
required Changes.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Type I Service Provider to Utility
Term Definition
Type II Service (Service Strategy) An Internal Service Provider that provides shared IT
Provider Services to more than one Business Unit.
Type III Service (Service Strategy) A Service Provider that provides IT Services to
Provider External Customers.
Unit Cost (Service Strategy) The Cost to the IT Service Provider of providing a
single Component of an IT Service. For example the Cost of a single
desktop PC, or of a single Transaction.
Use Case (Service Design) A technique used to define required functionality and
Objectives, and to Design Tests. Use Cases define realistic scenarios
that describe interactions between Users and an IT Service or other
System.
See Change Case.
User A person who uses the IT Service on a day-to-day basis. Users are
distinct from Customers, as some Customers do not use the IT Service
directly.
User Profile (UP) (Service Strategy) A pattern of User demand for IT Services. Each
User Profile includes one or more Patterns of Business Activity.
Term Definition
Value for Money An informal measure of Cost Effectiveness. Value for Money is often
based on a comparison with the Cost of alternatives.
See Cost Benefit Analysis.
Variable Cost (Service Strategy) A Cost that depends on how much the IT Service is
used, how many products are produced, the number and type of Users,
or something else that cannot be fixed in advance.
See Variable Cost Dynamics.
Variable Cost (Service Strategy) A technique used to understand how overall Costs
Dynamics are impacted by the many complex variable elements that contribute to
the provision of IT Services.
Variance The difference between a planned value and the actual measured
value. Commonly used in Financial Management, Capacity
Management and Service Level Management, but could apply in any
area where Plans are in place.
Verification and (Service Transition) The Activities responsible for ensuring that
Audit information in the CMDB is accurate and that all Configuration Items
have been identified and recorded in the CMDB. Verification includes
routine checks that are part of other Processes. For example, verifying
the serial number of a desktop PC when a User logs an Incident. Audit
is a periodic, formal check.
ITIL® V3 Glossary v3.1.24, 11 May 2007
Version to Workload
Term Definition
Work in Progress A Status that means Activities have started but are not yet complete. It
(WIP) is commonly used as a Status for Incidents, Problems, Changes etc.
Work Instruction A Document containing detailed instructions that specify exactly what
steps to follow to carry out an Activity. A Work Instruction contains much
more detail than a Procedure and is only created if very detailed
instructions are needed.
Acronym Term
ACD Automatic Call Distribution
AM Availability Management
AMIS Availability Management Information System
ASP Application Service Provider
BCM Business Capacity Management
BCM Business Continuity Management
BCP Business Continuity Plan
BIA Business Impact Analysis
BRM Business Relationship Manager
BSI British Standards Institution
BSM Business Service Management
CAB Change Advisory Board
CAB/EC Change Advisory Board / Emergency Committee
CAPEX Capital Expenditure
CCM Component Capacity Management
CFIA Component Failure Impact Analysis
CI Configuration Item
CMDB Configuration Management Database
CMIS Capacity Management Information System
CMM Capability Maturity Model
CMMI Capability Maturity Model Integration
CMS Configuration Management System
COTS Commercial off the Shelf
CSF Critical Success Factor
CSI Continual Service Improvement
CSIP Continual Service Improvement Programme
CSP Core Service Package
CTI Computer Telephony Integration
DIKW Data-to-Information-to-Knowledge-to-Wisdom
eSCM-CL eSourcing Capability Model for Client Organizations
eSCM-SP eSourcing Capability Model for Service Providers
FMEA Failure Modes and Effects Analysis
FTA Fault Tree Analysis
IRR Internal Rate of Return
ISG IT Steering Group
ITIL® Glossary v01, 1 May 2006: Acronyms
ISM to SACM
Acronym Term
ISM Information Security Management
ISMS Information Security Management System
ISO International Organization for Standardization
ISP Internet Service Provider
IT Information Technology
ITSCM IT Service Continuity Management
ITSM IT Service Management
itSMF IT Service Management Forum
IVR Interactive Voice Response
KEDB Known Error Database
KPI Key Performance Indicator
LOS Line of Service
MoR Management of Risk
MTBF Mean Time Between Failures
MTBSI Mean Time Between Service Incidents
MTRS Mean Time to Restore Service
MTTR Mean Time to Repair
NPV Net Present Value
OGC Office of Government Commerce
OLA Operational Level Agreement
OPEX Operational Expenditure
OPSI Office of Public Sector Information
PBA Pattern of Business Activity
PFS Prerequisite for Success
PIR Post Implementation Review
PSA Projected Service Availability
QA Quality Assurance
QMS Quality Management System
RCA Root Cause Analysis
RFC Request for Change
ROI Return on Investment
RPO Recovery Point Objective
RTO Recovery Time Objective
SAC Service Acceptance Criteria
SACM Service Asset and Configuration Management
ITIL® Glossary v01, 1 May 2006: Acronyms
SCD to WIP
Acronym Term
SCD Supplier and Contract Database
SCM Service Capacity Management
SFA Service Failure Analysis
SIP Service Improvement Plan
SKMS Service Knowledge Management System
SLA Service Level Agreement
SLM Service Level Management
SLP Service Level Package
SLR Service Level Requirement
SMO Service Maintenance Objective
SoC Separation of Concerns
SOP Standard Operating Procedures
SOR Statement of requirements
SPI Service Provider Interface
SPM Service Portfolio Management
SPO Service Provisioning Optimization
SPOF Single Point of Failure
TCO Total Cost of Ownership
TCU Total Cost of Utilization
TO Technical Observation
TOR Terms of Reference
TQM Total Quality Management
UC Underpinning Contract
UP User Profile
VBF Vital Business Function
VOI Value on Investment
WIP Work in Progress
Acknowledgements
We would like to express our gratitude and acknowledge the contribution of Stuart Rance and Ashley Hanna of
Hewlett-Packard in the production of this glossary.